From 8414ab883a768e0e8c9cf8f35b3f69a33163fd94 Mon Sep 17 00:00:00 2001 From: James Daugherty Date: Mon, 4 May 2026 22:59:11 -0400 Subject: [PATCH 1/5] Vulnerability scanning for grails-core --- .github/workflows/vulnerability-scan.yml | 195 ++++++++++++++++++ build-logic/plugins/build.gradle | 5 + .../buildsrc/VulnerabilityScanPlugin.groovy | 67 ++++++ gradle.properties | 1 + grails-async/core/build.gradle | 1 + grails-async/gpars/build.gradle | 1 + grails-async/plugin/build.gradle | 1 + grails-async/rxjava/build.gradle | 1 + grails-async/rxjava2/build.gradle | 1 + grails-async/rxjava3/build.gradle | 1 + grails-bootstrap/build.gradle | 1 + grails-cache/build.gradle | 1 + grails-codecs-core/build.gradle | 1 + grails-codecs/build.gradle | 1 + grails-common/build.gradle | 1 + grails-console/build.gradle | 1 + grails-controllers/build.gradle | 1 + grails-converters/build.gradle | 1 + grails-core/build.gradle | 1 + .../boot-plugin/build.gradle | 1 + grails-data-hibernate5/core/build.gradle | 1 + .../dbmigration/build.gradle | 1 + .../grails-plugin/build.gradle | 1 + grails-data-mongodb/boot-plugin/build.gradle | 1 + grails-data-mongodb/bson/build.gradle | 1 + grails-data-mongodb/core/build.gradle | 1 + grails-data-mongodb/ext/build.gradle | 1 + .../grails-plugin/build.gradle | 1 + .../gson-templates/build.gradle | 1 + grails-data-simple/build.gradle | 1 + grails-databinding-core/build.gradle | 1 + grails-databinding/build.gradle | 1 + grails-datamapping-async/build.gradle | 1 + grails-datamapping-core-test/build.gradle | 1 + grails-datamapping-core/build.gradle | 1 + grails-datamapping-rx/build.gradle | 1 + grails-datamapping-support/build.gradle | 1 + grails-datamapping-tck/build.gradle | 1 + grails-datamapping-validation/build.gradle | 1 + grails-datasource/build.gradle | 1 + grails-datastore-async/build.gradle | 1 + grails-datastore-core/build.gradle | 1 + grails-datastore-web/build.gradle | 1 + grails-dependencies/assets/build.gradle | 1 + grails-dependencies/starter-web/build.gradle | 1 + grails-dependencies/test/build.gradle | 1 + grails-domain-class/build.gradle | 1 + grails-encoder/build.gradle | 1 + grails-events/compat/build.gradle | 1 + grails-events/core/build.gradle | 1 + grails-events/gpars/build.gradle | 1 + grails-events/plugin/build.gradle | 1 + grails-events/rxjava/build.gradle | 1 + grails-events/rxjava2/build.gradle | 1 + grails-events/rxjava3/build.gradle | 1 + grails-events/spring/build.gradle | 1 + grails-events/transforms/build.gradle | 1 + grails-fields/build.gradle | 1 + grails-forge/gradle.properties | 2 +- grails-forge/grails-cli-shadow/build.gradle | 1 + grails-forge/grails-cli/build.gradle | 1 + .../build.gradle | 1 + grails-forge/grails-forge-api/build.gradle | 1 + grails-forge/grails-forge-cli/build.gradle | 1 + grails-forge/grails-forge-core/build.gradle | 1 + .../grails-forge-web-netty/build.gradle | 1 + grails-forge/test-core/build.gradle | 1 + grails-geb/build.gradle | 1 + grails-gradle/common/build.gradle | 1 + grails-gradle/model/build.gradle | 1 + grails-gradle/plugins/build.gradle | 1 + grails-gradle/tasks/build.gradle | 1 + grails-gsp/core/build.gradle | 1 + grails-gsp/grails-layout/build.gradle | 1 + grails-gsp/grails-sitemesh3/build.gradle | 1 + grails-gsp/grails-taglib/build.gradle | 1 + grails-gsp/grails-web-gsp-taglib/build.gradle | 1 + grails-gsp/grails-web-gsp/build.gradle | 1 + grails-gsp/grails-web-jsp/build.gradle | 1 + grails-gsp/grails-web-taglib/build.gradle | 1 + grails-gsp/plugin/build.gradle | 1 + grails-i18n/build.gradle | 1 + grails-interceptors/build.gradle | 1 + grails-logging/build.gradle | 1 + grails-micronaut/build.gradle | 1 + grails-mimetypes/build.gradle | 1 + grails-profiles/base/build.gradle | 1 + grails-profiles/plugin/build.gradle | 1 + grails-profiles/profile/build.gradle | 1 + grails-profiles/rest-api-plugin/build.gradle | 1 + grails-profiles/rest-api/build.gradle | 1 + grails-profiles/web-plugin/build.gradle | 1 + grails-profiles/web/build.gradle | 1 + grails-rest-transforms/build.gradle | 1 + grails-scaffolding/build.gradle | 1 + grails-services/build.gradle | 1 + grails-shell-cli/build.gradle | 1 + grails-spring/build.gradle | 1 + grails-test-core/build.gradle | 1 + grails-test-examples/app1/build.gradle | 1 + grails-test-examples/app2/build.gradle | 1 + grails-test-examples/app3/build.gradle | 1 + .../async-events-pubsub-demo/build.gradle | 1 + grails-test-examples/cache/build.gradle | 1 + .../config-report/build.gradle | 1 + .../database-cleanup/build.gradle | 1 + grails-test-examples/datasources/build.gradle | 1 + grails-test-examples/demo33/build.gradle | 1 + grails-test-examples/exploded/build.gradle | 1 + .../external-configuration/build.gradle | 1 + .../geb-gebconfig/build.gradle | 1 + grails-test-examples/geb/build.gradle | 1 + grails-test-examples/gorm/build.gradle | 1 + grails-test-examples/gsp-layout/build.gradle | 1 + .../gsp-sitemesh3/build.gradle | 1 + .../gsp-spring-boot/app/build.gradle | 1 + .../build.gradle | 1 + .../grails-data-service/build.gradle | 1 + .../grails-database-per-tenant/build.gradle | 1 + .../build.gradle | 1 + .../hibernate5/grails-hibernate/build.gradle | 1 + .../grails-multiple-datasources/build.gradle | 1 + .../build.gradle | 1 + .../build.gradle | 1 + .../grails-schema-per-tenant/build.gradle | 1 + .../hibernate5/issue450/build.gradle | 1 + .../spring-boot-hibernate/build.gradle | 1 + .../standalone-hibernate/build.gradle | 1 + grails-test-examples/hyphenated/build.gradle | 1 + grails-test-examples/issue-11102/build.gradle | 1 + grails-test-examples/issue-11767/build.gradle | 1 + grails-test-examples/issue-15228/build.gradle | 1 + .../issue-698-domain-save-npe/build.gradle | 1 + .../issue-views-182/build.gradle | 1 + .../micronaut-groovy-only/build.gradle | 1 + grails-test-examples/micronaut/build.gradle | 1 + .../mongodb/base/build.gradle | 1 + .../mongodb/database-per-tenant/build.gradle | 1 + .../mongodb/gson-templates/build.gradle | 1 + .../mongodb/hibernate5/build.gradle | 1 + .../mongodb/springboot/build.gradle | 1 + .../mongodb/test-data-service/build.gradle | 1 + grails-test-examples/namespaces/build.gradle | 1 + .../plugins/exploded/build.gradle | 1 + .../plugins/issue-11767/build.gradle | 1 + .../plugins/issue11005/build.gradle | 1 + .../plugins/loadafter/build.gradle | 1 + .../plugins/loadfirst/build.gradle | 1 + .../plugins/loadsecond/build.gradle | 1 + .../plugins/micronaut-singleton/build.gradle | 1 + .../scaffolding-fields/build.gradle | 1 + grails-test-examples/scaffolding/build.gradle | 1 + .../build.gradle | 1 + .../views-functional-tests/build.gradle | 1 + grails-test-suite-base/build.gradle | 1 + grails-test-suite-persistence/build.gradle | 1 + grails-test-suite-uber/build.gradle | 1 + grails-test-suite-web/build.gradle | 1 + grails-testing-support-core/build.gradle | 1 + .../build.gradle | 1 + .../build.gradle | 1 + .../build.gradle | 1 + .../build.gradle | 1 + .../build.gradle | 1 + grails-testing-support-mongodb/build.gradle | 1 + .../build.gradle | 1 + grails-testing-support-web/build.gradle | 1 + grails-url-mappings/build.gradle | 1 + grails-validation/build.gradle | 1 + grails-views-core/build.gradle | 1 + grails-views-gson/build.gradle | 1 + grails-views-markup/build.gradle | 1 + grails-web-boot/build.gradle | 1 + grails-web-common/build.gradle | 1 + grails-web-core/build.gradle | 1 + grails-web-databinding/build.gradle | 1 + grails-web-mvc/build.gradle | 1 + grails-web-url-mappings/build.gradle | 1 + grails-wrapper/build.gradle | 1 + 179 files changed, 443 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/vulnerability-scan.yml create mode 100644 build-logic/plugins/src/main/groovy/org/apache/grails/buildsrc/VulnerabilityScanPlugin.groovy diff --git a/.github/workflows/vulnerability-scan.yml b/.github/workflows/vulnerability-scan.yml new file mode 100644 index 00000000000..21e958fcbc9 --- /dev/null +++ b/.github/workflows/vulnerability-scan.yml @@ -0,0 +1,195 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +name: "Vulnerability Scan" +on: + push: + branches: + - '[0-9]+.[0-9]+.x' + schedule: + # Run every Monday at 03:00 UTC + - cron: '0 3 * * 1' + workflow_dispatch: +# Do not scan concurrently; OSS Index has per-account rate limits +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: false +jobs: + scan-grails-core: + name: "OSS Index Scan - grails-core" + runs-on: ubuntu-24.04 + permissions: + contents: read + security-events: write + steps: + - name: "📥 Checkout repository" + uses: actions/checkout@v6 + - name: "☕️ Setup JDK" + uses: actions/setup-java@v4 + with: + distribution: liberica + java-version: 17 + - name: "🐘 Setup Gradle" + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }} + - name: "🔍 Run OSS Index Vulnerability Scan" + env: + SONATYPE_GUIDE_USERNAME: ${{ secrets.SONATYPE_GUIDE_USERNAME }} + SONATYPE_GUIDE_TOKEN: ${{ secrets.SONATYPE_GUIDE_TOKEN }} + continue-on-error: true + id: scan + run: ./gradlew ossIndexAudit --continue --info 2>&1 | tee /tmp/ossindex-scan.log; exit ${PIPESTATUS[0]} + - name: "📋 Publish Vulnerability Summary" + if: always() + run: | + echo "## 🔍 OSS Index Vulnerability Scan — grails-core" >> $GITHUB_STEP_SUMMARY + if [ "${{ steps.scan.outcome }}" = "success" ]; then + echo "✅ No vulnerabilities found." >> $GITHUB_STEP_SUMMARY + else + echo "❌ Vulnerabilities detected." >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo '```' >> $GITHUB_STEP_SUMMARY + awk ' + BEGIN { in_section=0; in_vuln=0 } + { gsub(/\033\[[0-9;]*m/, "") } + /^##\[ossIndexAudit:begin\]/ { in_section=1; next } + /^##\[ossIndexAudit:end\]/ { in_section=0; in_vuln=0; next } + !in_section { next } + /^\[[0-9]+\/[0-9]+\] - pkg:maven\// { + sub(/^\[[0-9]+\/[0-9]+\] - /, "") + if (!seen_coord[$0]++) { print ""; print } + next + } + /^ Vulnerability Title:/ { in_vuln=1; block=$0 "\n"; cve_id=""; next } + in_vuln && /^ CVE:/ { match($0,/CVE-[0-9-]+/); if (RSTART) cve_id=substr($0,RSTART,RLENGTH); block=block $0 "\n"; next } + in_vuln && /^ Reference:/ { block=block $0 "\n"; if (cve_id && !seen_cve[cve_id]++) printf "%s",block; in_vuln=0; next } + in_vuln { block=block $0 "\n" } + ' /tmp/ossindex-scan.log >> $GITHUB_STEP_SUMMARY \ + || echo "(no scan output captured — check the full log)" >> $GITHUB_STEP_SUMMARY + echo '```' >> $GITHUB_STEP_SUMMARY + fi + +# scan-grails-gradle: +# name: "OSS Index Scan - grails-gradle" +# runs-on: ubuntu-24.04 +# permissions: +# contents: read +# security-events: write +# steps: +# - name: "📥 Checkout repository" +# uses: actions/checkout@v6 +# - name: "☕️ Setup JDK" +# uses: actions/setup-java@v4 +# with: +# distribution: liberica +# java-version: 17 +# - name: "🐘 Setup Gradle" +# uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 +# with: +# develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }} +# build-root-directory: grails-gradle +# - name: "🔍 Run OSS Index Vulnerability Scan" +# env: +# SONATYPE_GUIDE_USERNAME: ${{ secrets.SONATYPE_GUIDE_USERNAME }} +# SONATYPE_GUIDE_TOKEN: ${{ secrets.SONATYPE_GUIDE_TOKEN }} +# continue-on-error: true +# id: scan +# run: cd grails-gradle && ./gradlew ossIndexAudit --continue --info 2>&1 | tee /tmp/ossindex-scan.log; exit ${PIPESTATUS[0]} +# - name: "📋 Publish Vulnerability Summary" +# if: always() +# run: | +# echo "## 🔍 OSS Index Vulnerability Scan — grails-gradle" >> $GITHUB_STEP_SUMMARY +# if [ "${{ steps.scan.outcome }}" = "success" ]; then +# echo "✅ No vulnerabilities found." >> $GITHUB_STEP_SUMMARY +# else +# echo "❌ Vulnerabilities detected." >> $GITHUB_STEP_SUMMARY +# echo "" >> $GITHUB_STEP_SUMMARY +# echo '```' >> $GITHUB_STEP_SUMMARY +# awk ' +# BEGIN { in_section=0; in_vuln=0 } +# { gsub(/\033\[[0-9;]*m/, "") } +# /^##\[ossIndexAudit:begin\]/ { in_section=1; next } +# /^##\[ossIndexAudit:end\]/ { in_section=0; in_vuln=0; next } +# !in_section { next } +# /^\[[0-9]+\/[0-9]+\] - pkg:maven\// { +# sub(/^\[[0-9]+\/[0-9]+\] - /, "") +# if (!seen_coord[$0]++) { print ""; print } +# next +# } +# /^ Vulnerability Title:/ { in_vuln=1; block=$0 "\n"; cve_id=""; next } +# in_vuln && /^ CVE:/ { match($0,/CVE-[0-9-]+/); if (RSTART) cve_id=substr($0,RSTART,RLENGTH); block=block $0 "\n"; next } +# in_vuln && /^ Reference:/ { block=block $0 "\n"; if (cve_id && !seen_cve[cve_id]++) printf "%s",block; in_vuln=0; next } +# in_vuln { block=block $0 "\n" } +# ' /tmp/ossindex-scan.log >> $GITHUB_STEP_SUMMARY \ +# || echo "(no scan output captured — check the full log)" >> $GITHUB_STEP_SUMMARY +# echo '```' >> $GITHUB_STEP_SUMMARY +# fi + +# scan-grails-forge: +# name: "OSS Index Scan - grails-forge" +# runs-on: ubuntu-24.04 +# permissions: +# contents: read +# security-events: write +# steps: +# - name: "📥 Checkout repository" +# uses: actions/checkout@v6 +# - name: "☕️ Setup JDK" +# uses: actions/setup-java@v4 +# with: +# distribution: liberica +# java-version: 17 +# - name: "🐘 Setup Gradle" +# uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 +# with: +# develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }} +# build-root-directory: grails-forge +# - name: "🔍 Run OSS Index Vulnerability Scan" +# env: +# SONATYPE_GUIDE_USERNAME: ${{ secrets.SONATYPE_GUIDE_USERNAME }} +# SONATYPE_GUIDE_TOKEN: ${{ secrets.SONATYPE_GUIDE_TOKEN }} +# continue-on-error: true +# id: scan +# run: cd grails-forge && ./gradlew ossIndexAudit --continue --info 2>&1 | tee /tmp/ossindex-scan.log; exit ${PIPESTATUS[0]} +# - name: "📋 Publish Vulnerability Summary" +# if: always() +# run: | +# echo "## 🔍 OSS Index Vulnerability Scan — grails-forge" >> $GITHUB_STEP_SUMMARY +# if [ "${{ steps.scan.outcome }}" = "success" ]; then +# echo "✅ No vulnerabilities found." >> $GITHUB_STEP_SUMMARY +# else +# echo "❌ Vulnerabilities detected." >> $GITHUB_STEP_SUMMARY +# echo "" >> $GITHUB_STEP_SUMMARY +# echo '```' >> $GITHUB_STEP_SUMMARY +# awk ' +# BEGIN { in_section=0; in_vuln=0 } +# { gsub(/\033\[[0-9;]*m/, "") } +# /^##\[ossIndexAudit:begin\]/ { in_section=1; next } +# /^##\[ossIndexAudit:end\]/ { in_section=0; in_vuln=0; next } +# !in_section { next } +# /^\[[0-9]+\/[0-9]+\] - pkg:maven\// { +# sub(/^\[[0-9]+\/[0-9]+\] - /, "") +# if (!seen_coord[$0]++) { print ""; print } +# next +# } +# /^ Vulnerability Title:/ { in_vuln=1; block=$0 "\n"; cve_id=""; next } +# in_vuln && /^ CVE:/ { match($0,/CVE-[0-9-]+/); if (RSTART) cve_id=substr($0,RSTART,RLENGTH); block=block $0 "\n"; next } +# in_vuln && /^ Reference:/ { block=block $0 "\n"; if (cve_id && !seen_cve[cve_id]++) printf "%s",block; in_vuln=0; next } +# in_vuln { block=block $0 "\n" } +# ' /tmp/ossindex-scan.log >> $GITHUB_STEP_SUMMARY \ +# || echo "(no scan output captured — check the full log)" >> $GITHUB_STEP_SUMMARY +# echo '```' >> $GITHUB_STEP_SUMMARY +# fi diff --git a/build-logic/plugins/build.gradle b/build-logic/plugins/build.gradle index ef5b010fbd7..629829df4f4 100644 --- a/build-logic/plugins/build.gradle +++ b/build-logic/plugins/build.gradle @@ -38,6 +38,7 @@ dependencies { implementation "${gradleBomDependencies['grails-publish-plugin']}" implementation "org.gradle.crypto.checksum:org.gradle.crypto.checksum.gradle.plugin:${gradleProperties.gradleChecksumPluginVersion}" implementation "org.cyclonedx.bom:org.cyclonedx.bom.gradle.plugin:${gradleProperties.gradleCycloneDxPluginVersion}" + implementation "org.sonatype.gradle.plugins:scan-gradle-plugin:${gradleProperties.sonatypeScanPluginVersion}" } gradlePlugin { @@ -78,5 +79,9 @@ gradlePlugin { id = 'org.apache.grails.buildsrc.dependency-validator' implementationClass = 'org.apache.grails.buildsrc.GrailsDependencyValidatorPlugin' } + register('vulnerabilityScanPlugin') { + id = 'org.apache.grails.buildsrc.vulnerability-scan' + implementationClass = 'org.apache.grails.buildsrc.VulnerabilityScanPlugin' + } } } \ No newline at end of file diff --git a/build-logic/plugins/src/main/groovy/org/apache/grails/buildsrc/VulnerabilityScanPlugin.groovy b/build-logic/plugins/src/main/groovy/org/apache/grails/buildsrc/VulnerabilityScanPlugin.groovy new file mode 100644 index 00000000000..92a0049b29f --- /dev/null +++ b/build-logic/plugins/src/main/groovy/org/apache/grails/buildsrc/VulnerabilityScanPlugin.groovy @@ -0,0 +1,67 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.grails.buildsrc + +import groovy.transform.CompileStatic + +import org.gradle.api.GradleException +import org.gradle.api.Plugin +import org.gradle.api.Project +import org.sonatype.gradle.plugins.scan.ossindex.OssIndexPluginExtension + +/** + * Convention plugin that configures Sonatype OSS Index / Guide vulnerability scanning. + * + *

Credentials are supplied via environment variables: + *

+ * The {@code ossIndexAudit} task is skipped silently when credentials are absent.

+ */ +@CompileStatic +class VulnerabilityScanPlugin implements Plugin { + + static final String TASK_NAME = 'ossIndexAudit' + + @Override + void apply(Project project) { + project.pluginManager.apply('org.sonatype.gradle.plugins.scan') + + OssIndexPluginExtension extension = project.extensions.getByType(OssIndexPluginExtension) + extension.username = System.getenv('SONATYPE_GUIDE_USERNAME') ?: '' + extension.password = System.getenv('SONATYPE_GUIDE_TOKEN') ?: '' + + project.tasks.named(TASK_NAME) { task -> + task.group = 'verification' + task.description = "Scans ${project.name} runtime dependencies for known vulnerabilities via Sonatype Guide" + task.doFirst { + if (!System.getenv('SONATYPE_GUIDE_TOKEN')) { + throw new GradleException('SONATYPE_GUIDE_TOKEN environment variable is not set. ' + + 'A Sonatype Guide Personal Access Token is required to run the vulnerability scan.') + } + println "##[ossIndexAudit:begin] ${project.path}" + } + task.doLast { + println "##[ossIndexAudit:end] ${project.path}" + } + } + } +} diff --git a/gradle.properties b/gradle.properties index a6f90611004..3bb6baf33f3 100644 --- a/gradle.properties +++ b/gradle.properties @@ -68,6 +68,7 @@ micronautSerdeJacksonVersion=2.11.0 # build dependencies for code quality checks checkstyleVersion=11.0.0 codenarcVersion=3.6.0-groovy-4.0 +sonatypeScanPluginVersion=3.1.5 # This prevents the Grails Gradle Plugin from unnecessarily excluding slf4j-simple in the generated POMs # https://github.com/apache/grails-gradle-plugin/issues/222 diff --git a/grails-async/core/build.gradle b/grails-async/core/build.gradle index cee4816f2ea..eba15cd9b82 100644 --- a/grails-async/core/build.gradle +++ b/grails-async/core/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-async/gpars/build.gradle b/grails-async/gpars/build.gradle index 8c8d001b266..0624a31414c 100644 --- a/grails-async/gpars/build.gradle +++ b/grails-async/gpars/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-async/plugin/build.gradle b/grails-async/plugin/build.gradle index b7f0f7188cb..93eda319e9d 100644 --- a/grails-async/plugin/build.gradle +++ b/grails-async/plugin/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-async/rxjava/build.gradle b/grails-async/rxjava/build.gradle index 0bc5e0a8c71..efc6065e810 100644 --- a/grails-async/rxjava/build.gradle +++ b/grails-async/rxjava/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-async/rxjava2/build.gradle b/grails-async/rxjava2/build.gradle index 1e3d564320a..b07962ed487 100644 --- a/grails-async/rxjava2/build.gradle +++ b/grails-async/rxjava2/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-async/rxjava3/build.gradle b/grails-async/rxjava3/build.gradle index d5c36cb6f4b..7f02f49a634 100644 --- a/grails-async/rxjava3/build.gradle +++ b/grails-async/rxjava3/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-bootstrap/build.gradle b/grails-bootstrap/build.gradle index bda613d68db..88d9bbebcb0 100644 --- a/grails-bootstrap/build.gradle +++ b/grails-bootstrap/build.gradle @@ -28,6 +28,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-cache/build.gradle b/grails-cache/build.gradle index 9d607d16ca0..54367fbd625 100644 --- a/grails-cache/build.gradle +++ b/grails-cache/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-codecs-core/build.gradle b/grails-codecs-core/build.gradle index b3b27849130..bec14665aa2 100644 --- a/grails-codecs-core/build.gradle +++ b/grails-codecs-core/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-codecs/build.gradle b/grails-codecs/build.gradle index d30dbe2deee..783444be526 100644 --- a/grails-codecs/build.gradle +++ b/grails-codecs/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-common/build.gradle b/grails-common/build.gradle index 87ae157af90..28d74b517c5 100644 --- a/grails-common/build.gradle +++ b/grails-common/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-console/build.gradle b/grails-console/build.gradle index 5f6000c2e53..6c334326b65 100644 --- a/grails-console/build.gradle +++ b/grails-console/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-controllers/build.gradle b/grails-controllers/build.gradle index ca0a0125420..7aa95fb3b9c 100644 --- a/grails-controllers/build.gradle +++ b/grails-controllers/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-converters/build.gradle b/grails-converters/build.gradle index 2df6da086b2..a89bc876fa1 100644 --- a/grails-converters/build.gradle +++ b/grails-converters/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-core/build.gradle b/grails-core/build.gradle index b7e1717a4e7..c6a71a32c03 100644 --- a/grails-core/build.gradle +++ b/grails-core/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-data-hibernate5/boot-plugin/build.gradle b/grails-data-hibernate5/boot-plugin/build.gradle index 65ecb9e8853..5b4d6540a4a 100644 --- a/grails-data-hibernate5/boot-plugin/build.gradle +++ b/grails-data-hibernate5/boot-plugin/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-data-hibernate5/core/build.gradle b/grails-data-hibernate5/core/build.gradle index 60e57020866..73104d30f90 100644 --- a/grails-data-hibernate5/core/build.gradle +++ b/grails-data-hibernate5/core/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-data-hibernate5/dbmigration/build.gradle b/grails-data-hibernate5/dbmigration/build.gradle index c4f5c80f2f2..f23e7ad8f1b 100644 --- a/grails-data-hibernate5/dbmigration/build.gradle +++ b/grails-data-hibernate5/dbmigration/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-data-hibernate5/grails-plugin/build.gradle b/grails-data-hibernate5/grails-plugin/build.gradle index 22fd52fe58e..368edbdde89 100644 --- a/grails-data-hibernate5/grails-plugin/build.gradle +++ b/grails-data-hibernate5/grails-plugin/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-data-mongodb/boot-plugin/build.gradle b/grails-data-mongodb/boot-plugin/build.gradle index 7496dd6670c..1bbf7364941 100644 --- a/grails-data-mongodb/boot-plugin/build.gradle +++ b/grails-data-mongodb/boot-plugin/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-data-mongodb/bson/build.gradle b/grails-data-mongodb/bson/build.gradle index 1ac2663ee71..d92fe25e879 100644 --- a/grails-data-mongodb/bson/build.gradle +++ b/grails-data-mongodb/bson/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-data-mongodb/core/build.gradle b/grails-data-mongodb/core/build.gradle index f080478090f..c740300e19e 100644 --- a/grails-data-mongodb/core/build.gradle +++ b/grails-data-mongodb/core/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-data-mongodb/ext/build.gradle b/grails-data-mongodb/ext/build.gradle index f8271315be4..ef4e84ba270 100644 --- a/grails-data-mongodb/ext/build.gradle +++ b/grails-data-mongodb/ext/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-data-mongodb/grails-plugin/build.gradle b/grails-data-mongodb/grails-plugin/build.gradle index 1ace1bc70db..f595bf31c99 100644 --- a/grails-data-mongodb/grails-plugin/build.gradle +++ b/grails-data-mongodb/grails-plugin/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-data-mongodb/gson-templates/build.gradle b/grails-data-mongodb/gson-templates/build.gradle index 445f6f36760..926cb7829d5 100644 --- a/grails-data-mongodb/gson-templates/build.gradle +++ b/grails-data-mongodb/gson-templates/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-data-simple/build.gradle b/grails-data-simple/build.gradle index 22567f865ca..d796d478a0f 100644 --- a/grails-data-simple/build.gradle +++ b/grails-data-simple/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-databinding-core/build.gradle b/grails-databinding-core/build.gradle index be9a2092619..15c2cd1272a 100644 --- a/grails-databinding-core/build.gradle +++ b/grails-databinding-core/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-databinding/build.gradle b/grails-databinding/build.gradle index 06d19e9aa13..9487e8103ff 100644 --- a/grails-databinding/build.gradle +++ b/grails-databinding/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-datamapping-async/build.gradle b/grails-datamapping-async/build.gradle index a2731948935..a8572029e00 100644 --- a/grails-datamapping-async/build.gradle +++ b/grails-datamapping-async/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-datamapping-core-test/build.gradle b/grails-datamapping-core-test/build.gradle index cf4d0f1cb8e..cc6fac20366 100644 --- a/grails-datamapping-core-test/build.gradle +++ b/grails-datamapping-core-test/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-datamapping-core/build.gradle b/grails-datamapping-core/build.gradle index 9eb9a7412ce..88c14d6cadd 100644 --- a/grails-datamapping-core/build.gradle +++ b/grails-datamapping-core/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-datamapping-rx/build.gradle b/grails-datamapping-rx/build.gradle index 202e1839028..b3a85ac7114 100644 --- a/grails-datamapping-rx/build.gradle +++ b/grails-datamapping-rx/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-datamapping-support/build.gradle b/grails-datamapping-support/build.gradle index 95656e2b87d..7f2803d780b 100644 --- a/grails-datamapping-support/build.gradle +++ b/grails-datamapping-support/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-datamapping-tck/build.gradle b/grails-datamapping-tck/build.gradle index 15e7de95097..a9376b36429 100644 --- a/grails-datamapping-tck/build.gradle +++ b/grails-datamapping-tck/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-datamapping-validation/build.gradle b/grails-datamapping-validation/build.gradle index 0748bcffd95..5996e15a4b8 100644 --- a/grails-datamapping-validation/build.gradle +++ b/grails-datamapping-validation/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-datasource/build.gradle b/grails-datasource/build.gradle index 4f352431f1d..cb8a6b77f68 100644 --- a/grails-datasource/build.gradle +++ b/grails-datasource/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-datastore-async/build.gradle b/grails-datastore-async/build.gradle index 68f9ed6685b..cd4e915fd5c 100644 --- a/grails-datastore-async/build.gradle +++ b/grails-datastore-async/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-datastore-core/build.gradle b/grails-datastore-core/build.gradle index 8750516d37a..a93ba481aab 100644 --- a/grails-datastore-core/build.gradle +++ b/grails-datastore-core/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-datastore-web/build.gradle b/grails-datastore-web/build.gradle index 138497f193b..94f3fe44dc2 100644 --- a/grails-datastore-web/build.gradle +++ b/grails-datastore-web/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-dependencies/assets/build.gradle b/grails-dependencies/assets/build.gradle index 12f33ab1af6..7c4bb8ad986 100644 --- a/grails-dependencies/assets/build.gradle +++ b/grails-dependencies/assets/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-dependencies/starter-web/build.gradle b/grails-dependencies/starter-web/build.gradle index 46f99f7d155..d06d761c0de 100644 --- a/grails-dependencies/starter-web/build.gradle +++ b/grails-dependencies/starter-web/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-dependencies/test/build.gradle b/grails-dependencies/test/build.gradle index 17301eab91d..c8554c8013f 100644 --- a/grails-dependencies/test/build.gradle +++ b/grails-dependencies/test/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-domain-class/build.gradle b/grails-domain-class/build.gradle index 64016a6fee7..e63d12c4936 100644 --- a/grails-domain-class/build.gradle +++ b/grails-domain-class/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-encoder/build.gradle b/grails-encoder/build.gradle index 5cb654cd2f1..04a00a4e9c9 100644 --- a/grails-encoder/build.gradle +++ b/grails-encoder/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-events/compat/build.gradle b/grails-events/compat/build.gradle index 859b1f005a0..509b6332598 100644 --- a/grails-events/compat/build.gradle +++ b/grails-events/compat/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-events/core/build.gradle b/grails-events/core/build.gradle index 0c68efd5606..77cb9ee24ee 100644 --- a/grails-events/core/build.gradle +++ b/grails-events/core/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-events/gpars/build.gradle b/grails-events/gpars/build.gradle index ad365eceee4..ddb9929a8ec 100644 --- a/grails-events/gpars/build.gradle +++ b/grails-events/gpars/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-events/plugin/build.gradle b/grails-events/plugin/build.gradle index bd69e5ebb68..800aa51c48b 100644 --- a/grails-events/plugin/build.gradle +++ b/grails-events/plugin/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-events/rxjava/build.gradle b/grails-events/rxjava/build.gradle index 312477fefae..b42e91631fe 100644 --- a/grails-events/rxjava/build.gradle +++ b/grails-events/rxjava/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-events/rxjava2/build.gradle b/grails-events/rxjava2/build.gradle index 5a107dd9241..c50775cfeaa 100644 --- a/grails-events/rxjava2/build.gradle +++ b/grails-events/rxjava2/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-events/rxjava3/build.gradle b/grails-events/rxjava3/build.gradle index efca93c18dd..933e56af507 100644 --- a/grails-events/rxjava3/build.gradle +++ b/grails-events/rxjava3/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-events/spring/build.gradle b/grails-events/spring/build.gradle index c568f926238..5c67fb2df0e 100644 --- a/grails-events/spring/build.gradle +++ b/grails-events/spring/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-events/transforms/build.gradle b/grails-events/transforms/build.gradle index 778980c0951..1102766e4d6 100644 --- a/grails-events/transforms/build.gradle +++ b/grails-events/transforms/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-fields/build.gradle b/grails-fields/build.gradle index 1ed72931b9b..db758074712 100644 --- a/grails-fields/build.gradle +++ b/grails-fields/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-forge/gradle.properties b/grails-forge/gradle.properties index e0adeeda0be..65c636dd929 100644 --- a/grails-forge/gradle.properties +++ b/grails-forge/gradle.properties @@ -29,7 +29,7 @@ antVersion=1.10.15 antlr4Version=4.8-1!! asciidoctorGradleJvmVersion=4.0.4 cglibVersion=3.3.0 -commonsCompressVersion=1.27.1 +commonsCompressVersion=1.28.0 gradleSdkvendorPluginVersion=3.0.0 groovyVersion=3.0.25 jacksonDatabindVersion=2.18.3 diff --git a/grails-forge/grails-cli-shadow/build.gradle b/grails-forge/grails-cli-shadow/build.gradle index 6978124d70c..8196a64654d 100644 --- a/grails-forge/grails-cli-shadow/build.gradle +++ b/grails-forge/grails-cli-shadow/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-forge/grails-cli/build.gradle b/grails-forge/grails-cli/build.gradle index eaf424525c9..733994d44cc 100644 --- a/grails-forge/grails-cli/build.gradle +++ b/grails-forge/grails-cli/build.gradle @@ -29,6 +29,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' } ext { diff --git a/grails-forge/grails-forge-analytics-postgres/build.gradle b/grails-forge/grails-forge-analytics-postgres/build.gradle index bedb101af1d..6a2510657c7 100644 --- a/grails-forge/grails-forge-analytics-postgres/build.gradle +++ b/grails-forge/grails-forge-analytics-postgres/build.gradle @@ -21,6 +21,7 @@ plugins { id 'com.gradleup.shadow' id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'io.micronaut.application' version "$micronautApplicationPluginVersion" } diff --git a/grails-forge/grails-forge-api/build.gradle b/grails-forge/grails-forge-api/build.gradle index 116f5e6e0c9..c12c9ccfe4d 100644 --- a/grails-forge/grails-forge-api/build.gradle +++ b/grails-forge/grails-forge-api/build.gradle @@ -23,6 +23,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-forge/grails-forge-cli/build.gradle b/grails-forge/grails-forge-cli/build.gradle index 8572b144fb0..56498dafe5a 100644 --- a/grails-forge/grails-forge-cli/build.gradle +++ b/grails-forge/grails-forge-cli/build.gradle @@ -29,6 +29,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-forge/grails-forge-core/build.gradle b/grails-forge/grails-forge-core/build.gradle index 9343840d953..a0983907c48 100644 --- a/grails-forge/grails-forge-core/build.gradle +++ b/grails-forge/grails-forge-core/build.gradle @@ -28,6 +28,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-forge/grails-forge-web-netty/build.gradle b/grails-forge/grails-forge-web-netty/build.gradle index 43577700d93..9129b512dac 100644 --- a/grails-forge/grails-forge-web-netty/build.gradle +++ b/grails-forge/grails-forge-web-netty/build.gradle @@ -21,6 +21,7 @@ plugins { id 'com.gradleup.shadow' id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'io.micronaut.application' version "$micronautApplicationPluginVersion" } diff --git a/grails-forge/test-core/build.gradle b/grails-forge/test-core/build.gradle index c898449a5e8..5f36b283ce6 100644 --- a/grails-forge/test-core/build.gradle +++ b/grails-forge/test-core/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.buildsrc.dependency-validator' id 'org.grails.forge.rocker' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-geb/build.gradle b/grails-geb/build.gradle index 22f6a9253e3..8367d3490f1 100644 --- a/grails-geb/build.gradle +++ b/grails-geb/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gradle/common/build.gradle b/grails-gradle/common/build.gradle index 0adcdb6644b..689af52a46b 100644 --- a/grails-gradle/common/build.gradle +++ b/grails-gradle/common/build.gradle @@ -23,6 +23,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gradle/model/build.gradle b/grails-gradle/model/build.gradle index 76e45ba9fd4..ddf742c5fb0 100644 --- a/grails-gradle/model/build.gradle +++ b/grails-gradle/model/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gradle/plugins/build.gradle b/grails-gradle/plugins/build.gradle index 0c53d94c044..8120e7db31e 100644 --- a/grails-gradle/plugins/build.gradle +++ b/grails-gradle/plugins/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gradle/tasks/build.gradle b/grails-gradle/tasks/build.gradle index a994c5f868c..1dd22c4c944 100644 --- a/grails-gradle/tasks/build.gradle +++ b/grails-gradle/tasks/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gsp/core/build.gradle b/grails-gsp/core/build.gradle index e55a044be70..0622e83d44d 100644 --- a/grails-gsp/core/build.gradle +++ b/grails-gsp/core/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gsp/grails-layout/build.gradle b/grails-gsp/grails-layout/build.gradle index 32eb8c13c35..d3c86c42b76 100644 --- a/grails-gsp/grails-layout/build.gradle +++ b/grails-gsp/grails-layout/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gsp/grails-sitemesh3/build.gradle b/grails-gsp/grails-sitemesh3/build.gradle index 84fc041967a..8c46fda4a60 100644 --- a/grails-gsp/grails-sitemesh3/build.gradle +++ b/grails-gsp/grails-sitemesh3/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gsp/grails-taglib/build.gradle b/grails-gsp/grails-taglib/build.gradle index 55c91cfe45a..4dae8b1eed2 100644 --- a/grails-gsp/grails-taglib/build.gradle +++ b/grails-gsp/grails-taglib/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gsp/grails-web-gsp-taglib/build.gradle b/grails-gsp/grails-web-gsp-taglib/build.gradle index 869592160cd..cb74fc9bbdf 100644 --- a/grails-gsp/grails-web-gsp-taglib/build.gradle +++ b/grails-gsp/grails-web-gsp-taglib/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gsp/grails-web-gsp/build.gradle b/grails-gsp/grails-web-gsp/build.gradle index f9df4c2edd1..acaa9787b5b 100644 --- a/grails-gsp/grails-web-gsp/build.gradle +++ b/grails-gsp/grails-web-gsp/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gsp/grails-web-jsp/build.gradle b/grails-gsp/grails-web-jsp/build.gradle index 77760958190..dded152454f 100644 --- a/grails-gsp/grails-web-jsp/build.gradle +++ b/grails-gsp/grails-web-jsp/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gsp/grails-web-taglib/build.gradle b/grails-gsp/grails-web-taglib/build.gradle index a69196b1140..f2ee5003726 100644 --- a/grails-gsp/grails-web-taglib/build.gradle +++ b/grails-gsp/grails-web-taglib/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gsp/plugin/build.gradle b/grails-gsp/plugin/build.gradle index 767a130825b..19fca66d3e7 100644 --- a/grails-gsp/plugin/build.gradle +++ b/grails-gsp/plugin/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-i18n/build.gradle b/grails-i18n/build.gradle index 4ef4fa48b5a..5073745a32d 100644 --- a/grails-i18n/build.gradle +++ b/grails-i18n/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-interceptors/build.gradle b/grails-interceptors/build.gradle index 8d7806a80b9..2b66bbe082d 100644 --- a/grails-interceptors/build.gradle +++ b/grails-interceptors/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-logging/build.gradle b/grails-logging/build.gradle index 4925b3cd928..7a6c536e185 100644 --- a/grails-logging/build.gradle +++ b/grails-logging/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-micronaut/build.gradle b/grails-micronaut/build.gradle index 1b94a6a2bc8..b268c2d04df 100644 --- a/grails-micronaut/build.gradle +++ b/grails-micronaut/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-mimetypes/build.gradle b/grails-mimetypes/build.gradle index e315c0a354b..d9ccfbd1ae3 100644 --- a/grails-mimetypes/build.gradle +++ b/grails-mimetypes/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-profiles/base/build.gradle b/grails-profiles/base/build.gradle index aa5e783c345..e00dffde786 100644 --- a/grails-profiles/base/build.gradle +++ b/grails-profiles/base/build.gradle @@ -18,6 +18,7 @@ plugins { id 'org.apache.grails.gradle.grails-profile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' } group = 'org.apache.grails.profiles' diff --git a/grails-profiles/plugin/build.gradle b/grails-profiles/plugin/build.gradle index b44492cf082..390141a3c2b 100644 --- a/grails-profiles/plugin/build.gradle +++ b/grails-profiles/plugin/build.gradle @@ -18,6 +18,7 @@ plugins { id 'org.apache.grails.gradle.grails-profile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' } group = 'org.apache.grails.profiles' diff --git a/grails-profiles/profile/build.gradle b/grails-profiles/profile/build.gradle index 827eaf49d23..1034774d58e 100644 --- a/grails-profiles/profile/build.gradle +++ b/grails-profiles/profile/build.gradle @@ -18,6 +18,7 @@ plugins { id 'org.apache.grails.gradle.grails-profile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' } group = 'org.apache.grails.profiles' diff --git a/grails-profiles/rest-api-plugin/build.gradle b/grails-profiles/rest-api-plugin/build.gradle index 62d143ed21c..e1b5d73bd41 100644 --- a/grails-profiles/rest-api-plugin/build.gradle +++ b/grails-profiles/rest-api-plugin/build.gradle @@ -18,6 +18,7 @@ plugins { id 'org.apache.grails.gradle.grails-profile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' } group = 'org.apache.grails.profiles' diff --git a/grails-profiles/rest-api/build.gradle b/grails-profiles/rest-api/build.gradle index 69e57475c85..29ddadc94b9 100644 --- a/grails-profiles/rest-api/build.gradle +++ b/grails-profiles/rest-api/build.gradle @@ -18,6 +18,7 @@ plugins { id 'org.apache.grails.gradle.grails-profile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' } group = 'org.apache.grails.profiles' diff --git a/grails-profiles/web-plugin/build.gradle b/grails-profiles/web-plugin/build.gradle index a7a7e95f782..5c6d8f470dd 100644 --- a/grails-profiles/web-plugin/build.gradle +++ b/grails-profiles/web-plugin/build.gradle @@ -18,6 +18,7 @@ plugins { id 'org.apache.grails.gradle.grails-profile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' } group = 'org.apache.grails.profiles' diff --git a/grails-profiles/web/build.gradle b/grails-profiles/web/build.gradle index 7db693f00ca..10f4c5c9dd1 100644 --- a/grails-profiles/web/build.gradle +++ b/grails-profiles/web/build.gradle @@ -18,6 +18,7 @@ plugins { id 'org.apache.grails.gradle.grails-profile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' } group = 'org.apache.grails.profiles' diff --git a/grails-rest-transforms/build.gradle b/grails-rest-transforms/build.gradle index 66866262d2e..0d56921af4b 100644 --- a/grails-rest-transforms/build.gradle +++ b/grails-rest-transforms/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-scaffolding/build.gradle b/grails-scaffolding/build.gradle index fad0812a90b..9409a2efa72 100644 --- a/grails-scaffolding/build.gradle +++ b/grails-scaffolding/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-services/build.gradle b/grails-services/build.gradle index 963ca7642d3..a1679ec8285 100644 --- a/grails-services/build.gradle +++ b/grails-services/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-shell-cli/build.gradle b/grails-shell-cli/build.gradle index f2da812af0a..235806694dd 100644 --- a/grails-shell-cli/build.gradle +++ b/grails-shell-cli/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-spring/build.gradle b/grails-spring/build.gradle index 043dd683e5f..757547a2c1a 100644 --- a/grails-spring/build.gradle +++ b/grails-spring/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-test-core/build.gradle b/grails-test-core/build.gradle index ef3e32d6426..f2a76689947 100644 --- a/grails-test-core/build.gradle +++ b/grails-test-core/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-test-examples/app1/build.gradle b/grails-test-examples/app1/build.gradle index 1076caa2e38..194599ddbe2 100644 --- a/grails-test-examples/app1/build.gradle +++ b/grails-test-examples/app1/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/app2/build.gradle b/grails-test-examples/app2/build.gradle index d0cfa927b37..4f3fc4e6ea2 100644 --- a/grails-test-examples/app2/build.gradle +++ b/grails-test-examples/app2/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/app3/build.gradle b/grails-test-examples/app3/build.gradle index 7f0d993c37a..ccfb022a714 100644 --- a/grails-test-examples/app3/build.gradle +++ b/grails-test-examples/app3/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/async-events-pubsub-demo/build.gradle b/grails-test-examples/async-events-pubsub-demo/build.gradle index 7bda0478bb4..d1bd69e1491 100644 --- a/grails-test-examples/async-events-pubsub-demo/build.gradle +++ b/grails-test-examples/async-events-pubsub-demo/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = rootProject.version diff --git a/grails-test-examples/cache/build.gradle b/grails-test-examples/cache/build.gradle index ae8b3a4531b..19be5bbb9bd 100644 --- a/grails-test-examples/cache/build.gradle +++ b/grails-test-examples/cache/build.gradle @@ -22,6 +22,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/config-report/build.gradle b/grails-test-examples/config-report/build.gradle index b141104ee46..e774e37d795 100644 --- a/grails-test-examples/config-report/build.gradle +++ b/grails-test-examples/config-report/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/database-cleanup/build.gradle b/grails-test-examples/database-cleanup/build.gradle index 2b5f1119d4d..6f22929d537 100644 --- a/grails-test-examples/database-cleanup/build.gradle +++ b/grails-test-examples/database-cleanup/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/datasources/build.gradle b/grails-test-examples/datasources/build.gradle index b8c928826ed..35d4c25f8d4 100644 --- a/grails-test-examples/datasources/build.gradle +++ b/grails-test-examples/datasources/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/demo33/build.gradle b/grails-test-examples/demo33/build.gradle index bb76c83be0d..cddc13dec49 100644 --- a/grails-test-examples/demo33/build.gradle +++ b/grails-test-examples/demo33/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } group = 'org.example.grails' diff --git a/grails-test-examples/exploded/build.gradle b/grails-test-examples/exploded/build.gradle index 6ba321b9c42..c027985b173 100644 --- a/grails-test-examples/exploded/build.gradle +++ b/grails-test-examples/exploded/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/external-configuration/build.gradle b/grails-test-examples/external-configuration/build.gradle index 93a078c5940..c6d30f6c11d 100644 --- a/grails-test-examples/external-configuration/build.gradle +++ b/grails-test-examples/external-configuration/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } apply plugin: 'groovy' diff --git a/grails-test-examples/geb-gebconfig/build.gradle b/grails-test-examples/geb-gebconfig/build.gradle index 478f62245e5..d9e16f1df4a 100644 --- a/grails-test-examples/geb-gebconfig/build.gradle +++ b/grails-test-examples/geb-gebconfig/build.gradle @@ -22,6 +22,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } apply plugin: 'org.apache.grails.gradle.grails-web' diff --git a/grails-test-examples/geb/build.gradle b/grails-test-examples/geb/build.gradle index 6e2a650fe30..fa4508b3054 100644 --- a/grails-test-examples/geb/build.gradle +++ b/grails-test-examples/geb/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } apply plugin: 'org.apache.grails.gradle.grails-web' diff --git a/grails-test-examples/gorm/build.gradle b/grails-test-examples/gorm/build.gradle index 5fc38241f3a..23489ba8cf3 100644 --- a/grails-test-examples/gorm/build.gradle +++ b/grails-test-examples/gorm/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/gsp-layout/build.gradle b/grails-test-examples/gsp-layout/build.gradle index 9f129c0d79c..7748a63eaa7 100644 --- a/grails-test-examples/gsp-layout/build.gradle +++ b/grails-test-examples/gsp-layout/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.0.1' diff --git a/grails-test-examples/gsp-sitemesh3/build.gradle b/grails-test-examples/gsp-sitemesh3/build.gradle index 6a0afc44682..3a0705ab3be 100644 --- a/grails-test-examples/gsp-sitemesh3/build.gradle +++ b/grails-test-examples/gsp-sitemesh3/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.0.1' diff --git a/grails-test-examples/gsp-spring-boot/app/build.gradle b/grails-test-examples/gsp-spring-boot/app/build.gradle index c3187fecfaf..82d4d040e9b 100644 --- a/grails-test-examples/gsp-spring-boot/app/build.gradle +++ b/grails-test-examples/gsp-spring-boot/app/build.gradle @@ -23,6 +23,7 @@ plugins { id 'org.springframework.boot' id 'io.spring.dependency-management' id "groovy" + id 'org.apache.grails.buildsrc.vulnerability-scan' } apply plugin: 'org.apache.grails.gradle.grails-gsp' diff --git a/grails-test-examples/hibernate5/grails-data-service-multi-datasource/build.gradle b/grails-test-examples/hibernate5/grails-data-service-multi-datasource/build.gradle index 5e2f3187ed4..3bee0ecfae1 100644 --- a/grails-test-examples/hibernate5/grails-data-service-multi-datasource/build.gradle +++ b/grails-test-examples/hibernate5/grails-data-service-multi-datasource/build.gradle @@ -22,6 +22,7 @@ plugins { id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.gradle.grails-web' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/hibernate5/grails-data-service/build.gradle b/grails-test-examples/hibernate5/grails-data-service/build.gradle index 3c630f07511..9d370c683b6 100644 --- a/grails-test-examples/hibernate5/grails-data-service/build.gradle +++ b/grails-test-examples/hibernate5/grails-data-service/build.gradle @@ -23,6 +23,7 @@ plugins { id 'org.apache.grails.gradle.grails-web' id 'org.apache.grails.gradle.grails-gson' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/hibernate5/grails-database-per-tenant/build.gradle b/grails-test-examples/hibernate5/grails-database-per-tenant/build.gradle index 85e53a201fd..d902788d6a0 100644 --- a/grails-test-examples/hibernate5/grails-database-per-tenant/build.gradle +++ b/grails-test-examples/hibernate5/grails-database-per-tenant/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.gradle.grails-gsp' id 'cloud.wondrify.asset-pipeline' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/hibernate5/grails-hibernate-groovy-proxy/build.gradle b/grails-test-examples/hibernate5/grails-hibernate-groovy-proxy/build.gradle index 34f33f0cfd5..e7b213edb6d 100644 --- a/grails-test-examples/hibernate5/grails-hibernate-groovy-proxy/build.gradle +++ b/grails-test-examples/hibernate5/grails-hibernate-groovy-proxy/build.gradle @@ -22,6 +22,7 @@ plugins { id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.gradle.grails-web' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/hibernate5/grails-hibernate/build.gradle b/grails-test-examples/hibernate5/grails-hibernate/build.gradle index 9233fc1f524..3a3aaf920a3 100644 --- a/grails-test-examples/hibernate5/grails-hibernate/build.gradle +++ b/grails-test-examples/hibernate5/grails-hibernate/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.gradle.grails-gsp' id 'cloud.wondrify.asset-pipeline' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/hibernate5/grails-multiple-datasources/build.gradle b/grails-test-examples/hibernate5/grails-multiple-datasources/build.gradle index de784dc9ad3..e59c19088f0 100644 --- a/grails-test-examples/hibernate5/grails-multiple-datasources/build.gradle +++ b/grails-test-examples/hibernate5/grails-multiple-datasources/build.gradle @@ -22,6 +22,7 @@ plugins { id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.gradle.grails-web' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/hibernate5/grails-multitenant-multi-datasource/build.gradle b/grails-test-examples/hibernate5/grails-multitenant-multi-datasource/build.gradle index 5e2f3187ed4..3bee0ecfae1 100644 --- a/grails-test-examples/hibernate5/grails-multitenant-multi-datasource/build.gradle +++ b/grails-test-examples/hibernate5/grails-multitenant-multi-datasource/build.gradle @@ -22,6 +22,7 @@ plugins { id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.gradle.grails-web' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/hibernate5/grails-partitioned-multi-tenancy/build.gradle b/grails-test-examples/hibernate5/grails-partitioned-multi-tenancy/build.gradle index 72a86f126fc..1053ffc33af 100644 --- a/grails-test-examples/hibernate5/grails-partitioned-multi-tenancy/build.gradle +++ b/grails-test-examples/hibernate5/grails-partitioned-multi-tenancy/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.gradle.grails-gsp' id 'cloud.wondrify.asset-pipeline' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/hibernate5/grails-schema-per-tenant/build.gradle b/grails-test-examples/hibernate5/grails-schema-per-tenant/build.gradle index 41a4c1a3ff2..6c9f1d0ecb2 100644 --- a/grails-test-examples/hibernate5/grails-schema-per-tenant/build.gradle +++ b/grails-test-examples/hibernate5/grails-schema-per-tenant/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.gradle.grails-gsp' id 'cloud.wondrify.asset-pipeline' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/hibernate5/issue450/build.gradle b/grails-test-examples/hibernate5/issue450/build.gradle index ac80fabbf89..58fe2061409 100644 --- a/grails-test-examples/hibernate5/issue450/build.gradle +++ b/grails-test-examples/hibernate5/issue450/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.gradle.grails-gsp' id 'cloud.wondrify.asset-pipeline' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/hibernate5/spring-boot-hibernate/build.gradle b/grails-test-examples/hibernate5/spring-boot-hibernate/build.gradle index 5cee818132b..2697b327f6e 100644 --- a/grails-test-examples/hibernate5/spring-boot-hibernate/build.gradle +++ b/grails-test-examples/hibernate5/spring-boot-hibernate/build.gradle @@ -23,6 +23,7 @@ plugins { id 'org.apache.grails.buildsrc.dependency-validator' id 'org.springframework.boot' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/hibernate5/standalone-hibernate/build.gradle b/grails-test-examples/hibernate5/standalone-hibernate/build.gradle index d091bf09ebf..72bc7183c73 100644 --- a/grails-test-examples/hibernate5/standalone-hibernate/build.gradle +++ b/grails-test-examples/hibernate5/standalone-hibernate/build.gradle @@ -22,6 +22,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.0.1' diff --git a/grails-test-examples/hyphenated/build.gradle b/grails-test-examples/hyphenated/build.gradle index 87589bf3c32..21665138e5d 100644 --- a/grails-test-examples/hyphenated/build.gradle +++ b/grails-test-examples/hyphenated/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/issue-11102/build.gradle b/grails-test-examples/issue-11102/build.gradle index 9b54a066204..d151bfaa66f 100644 --- a/grails-test-examples/issue-11102/build.gradle +++ b/grails-test-examples/issue-11102/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/issue-11767/build.gradle b/grails-test-examples/issue-11767/build.gradle index 04eaca91d64..9f94c4f5ec3 100644 --- a/grails-test-examples/issue-11767/build.gradle +++ b/grails-test-examples/issue-11767/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/issue-15228/build.gradle b/grails-test-examples/issue-15228/build.gradle index f7da23ca681..a0a90f4c274 100644 --- a/grails-test-examples/issue-15228/build.gradle +++ b/grails-test-examples/issue-15228/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/issue-698-domain-save-npe/build.gradle b/grails-test-examples/issue-698-domain-save-npe/build.gradle index 4d5c9916c2e..a578eba075d 100644 --- a/grails-test-examples/issue-698-domain-save-npe/build.gradle +++ b/grails-test-examples/issue-698-domain-save-npe/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/issue-views-182/build.gradle b/grails-test-examples/issue-views-182/build.gradle index fc9043e92be..02916cebb20 100644 --- a/grails-test-examples/issue-views-182/build.gradle +++ b/grails-test-examples/issue-views-182/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/micronaut-groovy-only/build.gradle b/grails-test-examples/micronaut-groovy-only/build.gradle index 62abb364315..d1fd5dbf8a3 100644 --- a/grails-test-examples/micronaut-groovy-only/build.gradle +++ b/grails-test-examples/micronaut-groovy-only/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/micronaut/build.gradle b/grails-test-examples/micronaut/build.gradle index 859b9117961..d4fca0e6aa2 100644 --- a/grails-test-examples/micronaut/build.gradle +++ b/grails-test-examples/micronaut/build.gradle @@ -22,6 +22,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/mongodb/base/build.gradle b/grails-test-examples/mongodb/base/build.gradle index 1b9bf51b226..66209e3a308 100644 --- a/grails-test-examples/mongodb/base/build.gradle +++ b/grails-test-examples/mongodb/base/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/mongodb/database-per-tenant/build.gradle b/grails-test-examples/mongodb/database-per-tenant/build.gradle index 66e4530bea4..ceba24861ba 100644 --- a/grails-test-examples/mongodb/database-per-tenant/build.gradle +++ b/grails-test-examples/mongodb/database-per-tenant/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/mongodb/gson-templates/build.gradle b/grails-test-examples/mongodb/gson-templates/build.gradle index 8732c62a557..6bc5590dc73 100644 --- a/grails-test-examples/mongodb/gson-templates/build.gradle +++ b/grails-test-examples/mongodb/gson-templates/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/mongodb/hibernate5/build.gradle b/grails-test-examples/mongodb/hibernate5/build.gradle index 0622d6258e1..46bfb9be565 100644 --- a/grails-test-examples/mongodb/hibernate5/build.gradle +++ b/grails-test-examples/mongodb/hibernate5/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/mongodb/springboot/build.gradle b/grails-test-examples/mongodb/springboot/build.gradle index 5855d0b24e0..23f60721a6f 100644 --- a/grails-test-examples/mongodb/springboot/build.gradle +++ b/grails-test-examples/mongodb/springboot/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } apply plugin: 'groovy' diff --git a/grails-test-examples/mongodb/test-data-service/build.gradle b/grails-test-examples/mongodb/test-data-service/build.gradle index 3b10e49d9ad..3fd572c225d 100644 --- a/grails-test-examples/mongodb/test-data-service/build.gradle +++ b/grails-test-examples/mongodb/test-data-service/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-examples/namespaces/build.gradle b/grails-test-examples/namespaces/build.gradle index 99da2a0e3b6..0a570e506c4 100644 --- a/grails-test-examples/namespaces/build.gradle +++ b/grails-test-examples/namespaces/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/plugins/exploded/build.gradle b/grails-test-examples/plugins/exploded/build.gradle index c1fd4732c48..a05202eba0e 100644 --- a/grails-test-examples/plugins/exploded/build.gradle +++ b/grails-test-examples/plugins/exploded/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1-SNAPSHOT' diff --git a/grails-test-examples/plugins/issue-11767/build.gradle b/grails-test-examples/plugins/issue-11767/build.gradle index cbd4fb2f86a..c22071fbecb 100644 --- a/grails-test-examples/plugins/issue-11767/build.gradle +++ b/grails-test-examples/plugins/issue-11767/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1-SNAPSHOT' diff --git a/grails-test-examples/plugins/issue11005/build.gradle b/grails-test-examples/plugins/issue11005/build.gradle index 4b08b455f5b..26065256a08 100644 --- a/grails-test-examples/plugins/issue11005/build.gradle +++ b/grails-test-examples/plugins/issue11005/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } apply plugin: 'org.apache.grails.gradle.grails-plugin' diff --git a/grails-test-examples/plugins/loadafter/build.gradle b/grails-test-examples/plugins/loadafter/build.gradle index f9ef09f690d..c5a37fa0ebe 100644 --- a/grails-test-examples/plugins/loadafter/build.gradle +++ b/grails-test-examples/plugins/loadafter/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1-SNAPSHOT' diff --git a/grails-test-examples/plugins/loadfirst/build.gradle b/grails-test-examples/plugins/loadfirst/build.gradle index ef3ddc7dd2d..e89ca5e93db 100644 --- a/grails-test-examples/plugins/loadfirst/build.gradle +++ b/grails-test-examples/plugins/loadfirst/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1-SNAPSHOT' diff --git a/grails-test-examples/plugins/loadsecond/build.gradle b/grails-test-examples/plugins/loadsecond/build.gradle index 52239603e69..083e93c515e 100644 --- a/grails-test-examples/plugins/loadsecond/build.gradle +++ b/grails-test-examples/plugins/loadsecond/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1-SNAPSHOT' diff --git a/grails-test-examples/plugins/micronaut-singleton/build.gradle b/grails-test-examples/plugins/micronaut-singleton/build.gradle index 96d97930f73..ea903852c37 100644 --- a/grails-test-examples/plugins/micronaut-singleton/build.gradle +++ b/grails-test-examples/plugins/micronaut-singleton/build.gradle @@ -20,6 +20,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1-SNAPSHOT' diff --git a/grails-test-examples/scaffolding-fields/build.gradle b/grails-test-examples/scaffolding-fields/build.gradle index 3afbfc6fcc1..1e422fbb6f9 100644 --- a/grails-test-examples/scaffolding-fields/build.gradle +++ b/grails-test-examples/scaffolding-fields/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/scaffolding/build.gradle b/grails-test-examples/scaffolding/build.gradle index 1828650189c..2f6f9880f27 100644 --- a/grails-test-examples/scaffolding/build.gradle +++ b/grails-test-examples/scaffolding/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.gradle.grails-web' id 'cloud.wondrify.asset-pipeline' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = "0.0.1" diff --git a/grails-test-examples/views-functional-tests-plugin/build.gradle b/grails-test-examples/views-functional-tests-plugin/build.gradle index 5f203e3eee6..3c8e011f329 100644 --- a/grails-test-examples/views-functional-tests-plugin/build.gradle +++ b/grails-test-examples/views-functional-tests-plugin/build.gradle @@ -21,6 +21,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-plugin' id 'org.apache.grails.gradle.grails-gson' } diff --git a/grails-test-examples/views-functional-tests/build.gradle b/grails-test-examples/views-functional-tests/build.gradle index 6f744bcaf13..d06a9c9e39d 100644 --- a/grails-test-examples/views-functional-tests/build.gradle +++ b/grails-test-examples/views-functional-tests/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.gradle.grails-web' id 'cloud.wondrify.asset-pipeline' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = "0.0.1" diff --git a/grails-test-suite-base/build.gradle b/grails-test-suite-base/build.gradle index 23bef4896ba..8357bb80745 100644 --- a/grails-test-suite-base/build.gradle +++ b/grails-test-suite-base/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-test-suite-persistence/build.gradle b/grails-test-suite-persistence/build.gradle index ce251297fc1..1436a920eb1 100644 --- a/grails-test-suite-persistence/build.gradle +++ b/grails-test-suite-persistence/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-suite-uber/build.gradle b/grails-test-suite-uber/build.gradle index 019ff129a0b..69ba5251337 100644 --- a/grails-test-suite-uber/build.gradle +++ b/grails-test-suite-uber/build.gradle @@ -23,6 +23,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-test-suite-web/build.gradle b/grails-test-suite-web/build.gradle index 8f2d856bfa9..1d4fb80bdfe 100644 --- a/grails-test-suite-web/build.gradle +++ b/grails-test-suite-web/build.gradle @@ -22,6 +22,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-testing-support-core/build.gradle b/grails-testing-support-core/build.gradle index cb9b9f5d3fe..6cc271a7d38 100644 --- a/grails-testing-support-core/build.gradle +++ b/grails-testing-support-core/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-testing-support-datamapping/build.gradle b/grails-testing-support-datamapping/build.gradle index 0c030921982..eb143e2d9be 100755 --- a/grails-testing-support-datamapping/build.gradle +++ b/grails-testing-support-datamapping/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-testing-support-dbcleanup-core/build.gradle b/grails-testing-support-dbcleanup-core/build.gradle index 7368f6dee10..66c2c9bf51d 100644 --- a/grails-testing-support-dbcleanup-core/build.gradle +++ b/grails-testing-support-dbcleanup-core/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-testing-support-dbcleanup-h2/build.gradle b/grails-testing-support-dbcleanup-h2/build.gradle index c12e761a303..62eb14c0003 100644 --- a/grails-testing-support-dbcleanup-h2/build.gradle +++ b/grails-testing-support-dbcleanup-h2/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-testing-support-dbcleanup-postgresql/build.gradle b/grails-testing-support-dbcleanup-postgresql/build.gradle index 3644ad14619..1519ebfb98b 100644 --- a/grails-testing-support-dbcleanup-postgresql/build.gradle +++ b/grails-testing-support-dbcleanup-postgresql/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-testing-support-http-client/build.gradle b/grails-testing-support-http-client/build.gradle index 7800604564a..1df05ce371f 100644 --- a/grails-testing-support-http-client/build.gradle +++ b/grails-testing-support-http-client/build.gradle @@ -23,6 +23,7 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-testing-support-mongodb/build.gradle b/grails-testing-support-mongodb/build.gradle index 7b5ff0cc627..284c686c7f1 100644 --- a/grails-testing-support-mongodb/build.gradle +++ b/grails-testing-support-mongodb/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-testing-support-views-gson/build.gradle b/grails-testing-support-views-gson/build.gradle index 7bfcc80cfec..af5724db596 100644 --- a/grails-testing-support-views-gson/build.gradle +++ b/grails-testing-support-views-gson/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-testing-support-web/build.gradle b/grails-testing-support-web/build.gradle index 385b7bca5da..16d44cb335d 100755 --- a/grails-testing-support-web/build.gradle +++ b/grails-testing-support-web/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-url-mappings/build.gradle b/grails-url-mappings/build.gradle index 845319ece17..5312b5787bc 100644 --- a/grails-url-mappings/build.gradle +++ b/grails-url-mappings/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-validation/build.gradle b/grails-validation/build.gradle index c129d0695fd..960c6661424 100644 --- a/grails-validation/build.gradle +++ b/grails-validation/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-views-core/build.gradle b/grails-views-core/build.gradle index 3da0370d06d..5d820f3a0e8 100644 --- a/grails-views-core/build.gradle +++ b/grails-views-core/build.gradle @@ -25,6 +25,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-views-gson/build.gradle b/grails-views-gson/build.gradle index c0781804d2e..8cec626096d 100644 --- a/grails-views-gson/build.gradle +++ b/grails-views-gson/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-views-markup/build.gradle b/grails-views-markup/build.gradle index 6d6bc3da1bd..cb432d6ba8e 100644 --- a/grails-views-markup/build.gradle +++ b/grails-views-markup/build.gradle @@ -24,6 +24,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-web-boot/build.gradle b/grails-web-boot/build.gradle index 77f660cc131..70218bfab21 100644 --- a/grails-web-boot/build.gradle +++ b/grails-web-boot/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-web-common/build.gradle b/grails-web-common/build.gradle index c8db0f99343..c0b8b9d301c 100644 --- a/grails-web-common/build.gradle +++ b/grails-web-common/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-web-core/build.gradle b/grails-web-core/build.gradle index 5399ca4a2c5..50d79ebf7a8 100644 --- a/grails-web-core/build.gradle +++ b/grails-web-core/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-web-databinding/build.gradle b/grails-web-databinding/build.gradle index 770a12a4f7f..f94614fdc0f 100644 --- a/grails-web-databinding/build.gradle +++ b/grails-web-databinding/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-web-mvc/build.gradle b/grails-web-mvc/build.gradle index 286f151768d..dfaace63d46 100644 --- a/grails-web-mvc/build.gradle +++ b/grails-web-mvc/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-web-url-mappings/build.gradle b/grails-web-url-mappings/build.gradle index 86d74125325..69db6e4dacf 100644 --- a/grails-web-url-mappings/build.gradle +++ b/grails-web-url-mappings/build.gradle @@ -26,6 +26,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-wrapper/build.gradle b/grails-wrapper/build.gradle index 136c9bedcaa..2b9963b40cc 100644 --- a/grails-wrapper/build.gradle +++ b/grails-wrapper/build.gradle @@ -23,6 +23,7 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' + id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } From 19caafc78a702426737c22f476cf7ecd4f1a0fd5 Mon Sep 17 00:00:00 2001 From: James Daugherty Date: Mon, 4 May 2026 23:13:35 -0400 Subject: [PATCH 2/5] Bump vulnerable versions & add suppressions --- .../apache/grails/buildsrc/VulnerabilityScanPlugin.groovy | 7 +++++++ dependencies.gradle | 6 ++++++ 2 files changed, 13 insertions(+) diff --git a/build-logic/plugins/src/main/groovy/org/apache/grails/buildsrc/VulnerabilityScanPlugin.groovy b/build-logic/plugins/src/main/groovy/org/apache/grails/buildsrc/VulnerabilityScanPlugin.groovy index 92a0049b29f..71fc6985da9 100644 --- a/build-logic/plugins/src/main/groovy/org/apache/grails/buildsrc/VulnerabilityScanPlugin.groovy +++ b/build-logic/plugins/src/main/groovy/org/apache/grails/buildsrc/VulnerabilityScanPlugin.groovy @@ -48,6 +48,13 @@ class VulnerabilityScanPlugin implements Plugin { OssIndexPluginExtension extension = project.extensions.getByType(OssIndexPluginExtension) extension.username = System.getenv('SONATYPE_GUIDE_USERNAME') ?: '' extension.password = System.getenv('SONATYPE_GUIDE_TOKEN') ?: '' + extension.excludeCoordinates = [ + // CVE-2018-14335: Sonatype flags this against all H2 versions; no upstream fix exists. + 'pkg:maven/com.h2database/h2@2.4.240', + // CVE-2026-22747: spring-security-web 6.5.10 is the latest available release; no fix exists yet upstream. + // Remove this exclusion once Spring Security releases a patched version and spring-boot.version is bumped. + 'pkg:maven/org.springframework.security/spring-security-web@6.5.10', + ] as Set project.tasks.named(TASK_NAME) { task -> task.group = 'verification' diff --git a/dependencies.gradle b/dependencies.gradle index e1dc53bbb52..de03f28e833 100644 --- a/dependencies.gradle +++ b/dependencies.gradle @@ -71,9 +71,11 @@ ext { 'bootstrap-icons.version' : '1.13.1', 'bootstrap.version' : '5.3.8', 'commons-codec.version' : '1.18.0', + 'commons-compress.version' : '1.28.0', 'commons-lang3.version' : '3.20.0', 'geb-spock.version' : '8.0.1', 'groovy.version' : '4.0.31', + 'h2.version' : '2.4.240', 'jackson.version' : '2.21.2', 'jquery.version' : '3.7.1', 'hibernate-groovy-proxy.version': '1.1', @@ -83,6 +85,7 @@ ext { 'junit-platform.version' : '1.13.3', 'mongodb.version' : '5.5.2', 'opentelemetry.version' : '1.55.0', + 'plexus-utils.version' : '4.0.3', 'rxjava.version' : '1.3.8', 'rxjava2.version' : '2.2.21', 'rxjava3.version' : '3.1.12', @@ -107,8 +110,10 @@ ext { 'bootstrap' : "org.webjars.npm:bootstrap:${bomDependencyVersions['bootstrap.version']}", 'bootstrap-icons' : "org.webjars.npm:bootstrap-icons:${bomDependencyVersions['bootstrap-icons.version']}", 'commons-codec' : "commons-codec:commons-codec:${bomDependencyVersions['commons-codec.version']}", + 'commons-compress' : "org.apache.commons:commons-compress:${bomDependencyVersions['commons-compress.version']}", 'commons-lang3' : "org.apache.commons:commons-lang3:${bomDependencyVersions['commons-lang3.version']}", 'geb-spock' : "org.apache.groovy.geb:geb-spock:${bomDependencyVersions['geb-spock.version']}", + 'h2' : "com.h2database:h2:${bomDependencyVersions['h2.version']}", // start - restate the groovy-bom includes here because the spring dependency management will pick the library from spring-boot-dependencies otherwise 'groovy' : "org.apache.groovy:groovy:${bomDependencyVersions['groovy.version']}", 'groovy-ant' : "org.apache.groovy:groovy-ant:${bomDependencyVersions['groovy.version']}", @@ -177,6 +182,7 @@ ext { 'opentelemetry-sdk-extension-autoconfigure-spi' : "io.opentelemetry:opentelemetry-sdk-extension-autoconfigure-spi:${bomDependencyVersions['opentelemetry.version']}", 'opentelemetry-sdk-extension-autoconfigure' : "io.opentelemetry:opentelemetry-sdk-extension-autoconfigure:${bomDependencyVersions['opentelemetry.version']}", // end - pin opentelemetry to prevent bom conflicts + 'plexus-utils' : "org.codehaus.plexus:plexus-utils:${bomDependencyVersions['plexus-utils.version']}", 'rxjava' : "io.reactivex:rxjava:${bomDependencyVersions['rxjava.version']}", 'rxjava2' : "io.reactivex.rxjava2:rxjava:${bomDependencyVersions['rxjava2.version']}", 'rxjava3' : "io.reactivex.rxjava3:rxjava:${bomDependencyVersions['rxjava3.version']}", From 377c31b8e3da32b8d7b17c2b119ca342c0de63a3 Mon Sep 17 00:00:00 2001 From: James Daugherty Date: Mon, 4 May 2026 23:25:55 -0400 Subject: [PATCH 3/5] Only do vulnerability scanning on end grails app libraries & set initial exceptions --- .github/workflows/vulnerability-scan.yml | 116 +----------------- .../buildsrc/VulnerabilityScanPlugin.groovy | 5 +- grails-forge/grails-cli-shadow/build.gradle | 1 - grails-forge/grails-cli/build.gradle | 1 - .../build.gradle | 1 - grails-forge/grails-forge-api/build.gradle | 1 - grails-forge/grails-forge-cli/build.gradle | 1 - grails-forge/grails-forge-core/build.gradle | 1 - .../grails-forge-web-netty/build.gradle | 1 - grails-forge/test-core/build.gradle | 1 - grails-gradle/common/build.gradle | 1 - grails-gradle/model/build.gradle | 1 - grails-gradle/plugins/build.gradle | 1 - grails-gradle/tasks/build.gradle | 1 - grails-micronaut/build.gradle | 1 - grails-profiles/base/build.gradle | 1 - grails-profiles/plugin/build.gradle | 1 - grails-profiles/profile/build.gradle | 1 - grails-profiles/rest-api-plugin/build.gradle | 1 - grails-profiles/rest-api/build.gradle | 1 - grails-profiles/web-plugin/build.gradle | 1 - grails-profiles/web/build.gradle | 1 - .../micronaut-groovy-only/build.gradle | 1 - grails-test-examples/micronaut/build.gradle | 1 - .../plugins/micronaut-singleton/build.gradle | 1 - grails-wrapper/build.gradle | 1 - 26 files changed, 6 insertions(+), 139 deletions(-) diff --git a/.github/workflows/vulnerability-scan.yml b/.github/workflows/vulnerability-scan.yml index 21e958fcbc9..e610f12a4ca 100644 --- a/.github/workflows/vulnerability-scan.yml +++ b/.github/workflows/vulnerability-scan.yml @@ -17,7 +17,9 @@ name: "Vulnerability Scan" on: push: branches: - - '[0-9]+.[0-9]+.x' + - '7.0.x' + - '7.1.x' + - '8.0.x' schedule: # Run every Monday at 03:00 UTC - cron: '0 3 * * 1' @@ -81,115 +83,3 @@ jobs: || echo "(no scan output captured — check the full log)" >> $GITHUB_STEP_SUMMARY echo '```' >> $GITHUB_STEP_SUMMARY fi - -# scan-grails-gradle: -# name: "OSS Index Scan - grails-gradle" -# runs-on: ubuntu-24.04 -# permissions: -# contents: read -# security-events: write -# steps: -# - name: "📥 Checkout repository" -# uses: actions/checkout@v6 -# - name: "☕️ Setup JDK" -# uses: actions/setup-java@v4 -# with: -# distribution: liberica -# java-version: 17 -# - name: "🐘 Setup Gradle" -# uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 -# with: -# develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }} -# build-root-directory: grails-gradle -# - name: "🔍 Run OSS Index Vulnerability Scan" -# env: -# SONATYPE_GUIDE_USERNAME: ${{ secrets.SONATYPE_GUIDE_USERNAME }} -# SONATYPE_GUIDE_TOKEN: ${{ secrets.SONATYPE_GUIDE_TOKEN }} -# continue-on-error: true -# id: scan -# run: cd grails-gradle && ./gradlew ossIndexAudit --continue --info 2>&1 | tee /tmp/ossindex-scan.log; exit ${PIPESTATUS[0]} -# - name: "📋 Publish Vulnerability Summary" -# if: always() -# run: | -# echo "## 🔍 OSS Index Vulnerability Scan — grails-gradle" >> $GITHUB_STEP_SUMMARY -# if [ "${{ steps.scan.outcome }}" = "success" ]; then -# echo "✅ No vulnerabilities found." >> $GITHUB_STEP_SUMMARY -# else -# echo "❌ Vulnerabilities detected." >> $GITHUB_STEP_SUMMARY -# echo "" >> $GITHUB_STEP_SUMMARY -# echo '```' >> $GITHUB_STEP_SUMMARY -# awk ' -# BEGIN { in_section=0; in_vuln=0 } -# { gsub(/\033\[[0-9;]*m/, "") } -# /^##\[ossIndexAudit:begin\]/ { in_section=1; next } -# /^##\[ossIndexAudit:end\]/ { in_section=0; in_vuln=0; next } -# !in_section { next } -# /^\[[0-9]+\/[0-9]+\] - pkg:maven\// { -# sub(/^\[[0-9]+\/[0-9]+\] - /, "") -# if (!seen_coord[$0]++) { print ""; print } -# next -# } -# /^ Vulnerability Title:/ { in_vuln=1; block=$0 "\n"; cve_id=""; next } -# in_vuln && /^ CVE:/ { match($0,/CVE-[0-9-]+/); if (RSTART) cve_id=substr($0,RSTART,RLENGTH); block=block $0 "\n"; next } -# in_vuln && /^ Reference:/ { block=block $0 "\n"; if (cve_id && !seen_cve[cve_id]++) printf "%s",block; in_vuln=0; next } -# in_vuln { block=block $0 "\n" } -# ' /tmp/ossindex-scan.log >> $GITHUB_STEP_SUMMARY \ -# || echo "(no scan output captured — check the full log)" >> $GITHUB_STEP_SUMMARY -# echo '```' >> $GITHUB_STEP_SUMMARY -# fi - -# scan-grails-forge: -# name: "OSS Index Scan - grails-forge" -# runs-on: ubuntu-24.04 -# permissions: -# contents: read -# security-events: write -# steps: -# - name: "📥 Checkout repository" -# uses: actions/checkout@v6 -# - name: "☕️ Setup JDK" -# uses: actions/setup-java@v4 -# with: -# distribution: liberica -# java-version: 17 -# - name: "🐘 Setup Gradle" -# uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 -# with: -# develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }} -# build-root-directory: grails-forge -# - name: "🔍 Run OSS Index Vulnerability Scan" -# env: -# SONATYPE_GUIDE_USERNAME: ${{ secrets.SONATYPE_GUIDE_USERNAME }} -# SONATYPE_GUIDE_TOKEN: ${{ secrets.SONATYPE_GUIDE_TOKEN }} -# continue-on-error: true -# id: scan -# run: cd grails-forge && ./gradlew ossIndexAudit --continue --info 2>&1 | tee /tmp/ossindex-scan.log; exit ${PIPESTATUS[0]} -# - name: "📋 Publish Vulnerability Summary" -# if: always() -# run: | -# echo "## 🔍 OSS Index Vulnerability Scan — grails-forge" >> $GITHUB_STEP_SUMMARY -# if [ "${{ steps.scan.outcome }}" = "success" ]; then -# echo "✅ No vulnerabilities found." >> $GITHUB_STEP_SUMMARY -# else -# echo "❌ Vulnerabilities detected." >> $GITHUB_STEP_SUMMARY -# echo "" >> $GITHUB_STEP_SUMMARY -# echo '```' >> $GITHUB_STEP_SUMMARY -# awk ' -# BEGIN { in_section=0; in_vuln=0 } -# { gsub(/\033\[[0-9;]*m/, "") } -# /^##\[ossIndexAudit:begin\]/ { in_section=1; next } -# /^##\[ossIndexAudit:end\]/ { in_section=0; in_vuln=0; next } -# !in_section { next } -# /^\[[0-9]+\/[0-9]+\] - pkg:maven\// { -# sub(/^\[[0-9]+\/[0-9]+\] - /, "") -# if (!seen_coord[$0]++) { print ""; print } -# next -# } -# /^ Vulnerability Title:/ { in_vuln=1; block=$0 "\n"; cve_id=""; next } -# in_vuln && /^ CVE:/ { match($0,/CVE-[0-9-]+/); if (RSTART) cve_id=substr($0,RSTART,RLENGTH); block=block $0 "\n"; next } -# in_vuln && /^ Reference:/ { block=block $0 "\n"; if (cve_id && !seen_cve[cve_id]++) printf "%s",block; in_vuln=0; next } -# in_vuln { block=block $0 "\n" } -# ' /tmp/ossindex-scan.log >> $GITHUB_STEP_SUMMARY \ -# || echo "(no scan output captured — check the full log)" >> $GITHUB_STEP_SUMMARY -# echo '```' >> $GITHUB_STEP_SUMMARY -# fi diff --git a/build-logic/plugins/src/main/groovy/org/apache/grails/buildsrc/VulnerabilityScanPlugin.groovy b/build-logic/plugins/src/main/groovy/org/apache/grails/buildsrc/VulnerabilityScanPlugin.groovy index 71fc6985da9..5bd234c6548 100644 --- a/build-logic/plugins/src/main/groovy/org/apache/grails/buildsrc/VulnerabilityScanPlugin.groovy +++ b/build-logic/plugins/src/main/groovy/org/apache/grails/buildsrc/VulnerabilityScanPlugin.groovy @@ -49,11 +49,12 @@ class VulnerabilityScanPlugin implements Plugin { extension.username = System.getenv('SONATYPE_GUIDE_USERNAME') ?: '' extension.password = System.getenv('SONATYPE_GUIDE_TOKEN') ?: '' extension.excludeCoordinates = [ + 'org.hibernate:hibernate-core:5.6.11.Final', // CVE-2018-14335: Sonatype flags this against all H2 versions; no upstream fix exists. - 'pkg:maven/com.h2database/h2@2.4.240', + 'com.h2database:h2:2.4.240', // CVE-2026-22747: spring-security-web 6.5.10 is the latest available release; no fix exists yet upstream. // Remove this exclusion once Spring Security releases a patched version and spring-boot.version is bumped. - 'pkg:maven/org.springframework.security/spring-security-web@6.5.10', + 'org.springframework.security:spring-security-web:6.5.10', ] as Set project.tasks.named(TASK_NAME) { task -> diff --git a/grails-forge/grails-cli-shadow/build.gradle b/grails-forge/grails-cli-shadow/build.gradle index 8196a64654d..6978124d70c 100644 --- a/grails-forge/grails-cli-shadow/build.gradle +++ b/grails-forge/grails-cli-shadow/build.gradle @@ -24,7 +24,6 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' - id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-forge/grails-cli/build.gradle b/grails-forge/grails-cli/build.gradle index 733994d44cc..eaf424525c9 100644 --- a/grails-forge/grails-cli/build.gradle +++ b/grails-forge/grails-cli/build.gradle @@ -29,7 +29,6 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' - id 'org.apache.grails.buildsrc.vulnerability-scan' } ext { diff --git a/grails-forge/grails-forge-analytics-postgres/build.gradle b/grails-forge/grails-forge-analytics-postgres/build.gradle index 6a2510657c7..bedb101af1d 100644 --- a/grails-forge/grails-forge-analytics-postgres/build.gradle +++ b/grails-forge/grails-forge-analytics-postgres/build.gradle @@ -21,7 +21,6 @@ plugins { id 'com.gradleup.shadow' id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' - id 'org.apache.grails.buildsrc.vulnerability-scan' id 'io.micronaut.application' version "$micronautApplicationPluginVersion" } diff --git a/grails-forge/grails-forge-api/build.gradle b/grails-forge/grails-forge-api/build.gradle index c12c9ccfe4d..116f5e6e0c9 100644 --- a/grails-forge/grails-forge-api/build.gradle +++ b/grails-forge/grails-forge-api/build.gradle @@ -23,7 +23,6 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' - id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-forge/grails-forge-cli/build.gradle b/grails-forge/grails-forge-cli/build.gradle index 56498dafe5a..8572b144fb0 100644 --- a/grails-forge/grails-forge-cli/build.gradle +++ b/grails-forge/grails-forge-cli/build.gradle @@ -29,7 +29,6 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' - id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-forge/grails-forge-core/build.gradle b/grails-forge/grails-forge-core/build.gradle index a0983907c48..9343840d953 100644 --- a/grails-forge/grails-forge-core/build.gradle +++ b/grails-forge/grails-forge-core/build.gradle @@ -28,7 +28,6 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' - id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-forge/grails-forge-web-netty/build.gradle b/grails-forge/grails-forge-web-netty/build.gradle index 9129b512dac..43577700d93 100644 --- a/grails-forge/grails-forge-web-netty/build.gradle +++ b/grails-forge/grails-forge-web-netty/build.gradle @@ -21,7 +21,6 @@ plugins { id 'com.gradleup.shadow' id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' - id 'org.apache.grails.buildsrc.vulnerability-scan' id 'io.micronaut.application' version "$micronautApplicationPluginVersion" } diff --git a/grails-forge/test-core/build.gradle b/grails-forge/test-core/build.gradle index 5f36b283ce6..c898449a5e8 100644 --- a/grails-forge/test-core/build.gradle +++ b/grails-forge/test-core/build.gradle @@ -24,7 +24,6 @@ plugins { id 'org.apache.grails.buildsrc.dependency-validator' id 'org.grails.forge.rocker' id 'org.apache.grails.buildsrc.compile' - id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-gradle/common/build.gradle b/grails-gradle/common/build.gradle index 689af52a46b..0adcdb6644b 100644 --- a/grails-gradle/common/build.gradle +++ b/grails-gradle/common/build.gradle @@ -23,7 +23,6 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' - id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gradle/model/build.gradle b/grails-gradle/model/build.gradle index ddf742c5fb0..76e45ba9fd4 100644 --- a/grails-gradle/model/build.gradle +++ b/grails-gradle/model/build.gradle @@ -26,7 +26,6 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' - id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gradle/plugins/build.gradle b/grails-gradle/plugins/build.gradle index 8120e7db31e..0c53d94c044 100644 --- a/grails-gradle/plugins/build.gradle +++ b/grails-gradle/plugins/build.gradle @@ -25,7 +25,6 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' - id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-gradle/tasks/build.gradle b/grails-gradle/tasks/build.gradle index 1dd22c4c944..a994c5f868c 100644 --- a/grails-gradle/tasks/build.gradle +++ b/grails-gradle/tasks/build.gradle @@ -25,7 +25,6 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' - id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } diff --git a/grails-micronaut/build.gradle b/grails-micronaut/build.gradle index b268c2d04df..1b94a6a2bc8 100644 --- a/grails-micronaut/build.gradle +++ b/grails-micronaut/build.gradle @@ -26,7 +26,6 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' - id 'org.apache.grails.buildsrc.vulnerability-scan' } version = projectVersion diff --git a/grails-profiles/base/build.gradle b/grails-profiles/base/build.gradle index e00dffde786..aa5e783c345 100644 --- a/grails-profiles/base/build.gradle +++ b/grails-profiles/base/build.gradle @@ -18,7 +18,6 @@ plugins { id 'org.apache.grails.gradle.grails-profile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' - id 'org.apache.grails.buildsrc.vulnerability-scan' } group = 'org.apache.grails.profiles' diff --git a/grails-profiles/plugin/build.gradle b/grails-profiles/plugin/build.gradle index 390141a3c2b..b44492cf082 100644 --- a/grails-profiles/plugin/build.gradle +++ b/grails-profiles/plugin/build.gradle @@ -18,7 +18,6 @@ plugins { id 'org.apache.grails.gradle.grails-profile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' - id 'org.apache.grails.buildsrc.vulnerability-scan' } group = 'org.apache.grails.profiles' diff --git a/grails-profiles/profile/build.gradle b/grails-profiles/profile/build.gradle index 1034774d58e..827eaf49d23 100644 --- a/grails-profiles/profile/build.gradle +++ b/grails-profiles/profile/build.gradle @@ -18,7 +18,6 @@ plugins { id 'org.apache.grails.gradle.grails-profile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' - id 'org.apache.grails.buildsrc.vulnerability-scan' } group = 'org.apache.grails.profiles' diff --git a/grails-profiles/rest-api-plugin/build.gradle b/grails-profiles/rest-api-plugin/build.gradle index e1b5d73bd41..62d143ed21c 100644 --- a/grails-profiles/rest-api-plugin/build.gradle +++ b/grails-profiles/rest-api-plugin/build.gradle @@ -18,7 +18,6 @@ plugins { id 'org.apache.grails.gradle.grails-profile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' - id 'org.apache.grails.buildsrc.vulnerability-scan' } group = 'org.apache.grails.profiles' diff --git a/grails-profiles/rest-api/build.gradle b/grails-profiles/rest-api/build.gradle index 29ddadc94b9..69e57475c85 100644 --- a/grails-profiles/rest-api/build.gradle +++ b/grails-profiles/rest-api/build.gradle @@ -18,7 +18,6 @@ plugins { id 'org.apache.grails.gradle.grails-profile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' - id 'org.apache.grails.buildsrc.vulnerability-scan' } group = 'org.apache.grails.profiles' diff --git a/grails-profiles/web-plugin/build.gradle b/grails-profiles/web-plugin/build.gradle index 5c6d8f470dd..a7a7e95f782 100644 --- a/grails-profiles/web-plugin/build.gradle +++ b/grails-profiles/web-plugin/build.gradle @@ -18,7 +18,6 @@ plugins { id 'org.apache.grails.gradle.grails-profile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' - id 'org.apache.grails.buildsrc.vulnerability-scan' } group = 'org.apache.grails.profiles' diff --git a/grails-profiles/web/build.gradle b/grails-profiles/web/build.gradle index 10f4c5c9dd1..7db693f00ca 100644 --- a/grails-profiles/web/build.gradle +++ b/grails-profiles/web/build.gradle @@ -18,7 +18,6 @@ plugins { id 'org.apache.grails.gradle.grails-profile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' - id 'org.apache.grails.buildsrc.vulnerability-scan' } group = 'org.apache.grails.profiles' diff --git a/grails-test-examples/micronaut-groovy-only/build.gradle b/grails-test-examples/micronaut-groovy-only/build.gradle index d1fd5dbf8a3..62abb364315 100644 --- a/grails-test-examples/micronaut-groovy-only/build.gradle +++ b/grails-test-examples/micronaut-groovy-only/build.gradle @@ -20,7 +20,6 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' - id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/micronaut/build.gradle b/grails-test-examples/micronaut/build.gradle index d4fca0e6aa2..859b9117961 100644 --- a/grails-test-examples/micronaut/build.gradle +++ b/grails-test-examples/micronaut/build.gradle @@ -22,7 +22,6 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' - id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1' diff --git a/grails-test-examples/plugins/micronaut-singleton/build.gradle b/grails-test-examples/plugins/micronaut-singleton/build.gradle index ea903852c37..96d97930f73 100644 --- a/grails-test-examples/plugins/micronaut-singleton/build.gradle +++ b/grails-test-examples/plugins/micronaut-singleton/build.gradle @@ -20,7 +20,6 @@ plugins { id 'org.apache.grails.buildsrc.properties' id 'org.apache.grails.buildsrc.dependency-validator' id 'org.apache.grails.buildsrc.compile' - id 'org.apache.grails.buildsrc.vulnerability-scan' } version = '0.1-SNAPSHOT' diff --git a/grails-wrapper/build.gradle b/grails-wrapper/build.gradle index 2b9963b40cc..136c9bedcaa 100644 --- a/grails-wrapper/build.gradle +++ b/grails-wrapper/build.gradle @@ -23,7 +23,6 @@ plugins { id 'org.apache.grails.buildsrc.compile' id 'org.apache.grails.buildsrc.publish' id 'org.apache.grails.buildsrc.sbom' - id 'org.apache.grails.buildsrc.vulnerability-scan' id 'org.apache.grails.gradle.grails-code-style' } From 7c523336f8964366adcd57fbda8bb8901507230d Mon Sep 17 00:00:00 2001 From: James Daugherty Date: Tue, 5 May 2026 10:45:49 -0400 Subject: [PATCH 4/5] Update asm version --- grails-gradle/model/build.gradle | 3 +++ .../org/grails/io/support/MainClassFinder.groovy | 10 +++++----- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/grails-gradle/model/build.gradle b/grails-gradle/model/build.gradle index 76e45ba9fd4..30885312616 100644 --- a/grails-gradle/model/build.gradle +++ b/grails-gradle/model/build.gradle @@ -48,6 +48,9 @@ dependencies { compileOnly 'org.codehaus.groovy:groovy' compileOnly 'org.codehaus.groovy:groovy-xml' + // Use explicit ASM instead of groovyjarjarasm to support Java 17+ class files (major version 61+) + implementation 'org.ow2.asm:asm' + testImplementation 'org.codehaus.groovy:groovy-test-junit5' testImplementation 'org.junit.jupiter:junit-jupiter-api' testImplementation 'org.junit.platform:junit-platform-runner' diff --git a/grails-gradle/model/src/main/groovy/org/grails/io/support/MainClassFinder.groovy b/grails-gradle/model/src/main/groovy/org/grails/io/support/MainClassFinder.groovy index 10e93542513..797c4e13f4e 100644 --- a/grails-gradle/model/src/main/groovy/org/grails/io/support/MainClassFinder.groovy +++ b/grails-gradle/model/src/main/groovy/org/grails/io/support/MainClassFinder.groovy @@ -24,11 +24,11 @@ import java.util.concurrent.ConcurrentHashMap import groovy.transform.CompileStatic -import groovyjarjarasm.asm.ClassReader -import groovyjarjarasm.asm.ClassVisitor -import groovyjarjarasm.asm.MethodVisitor -import groovyjarjarasm.asm.Opcodes -import groovyjarjarasm.asm.Type +import org.objectweb.asm.ClassReader +import org.objectweb.asm.ClassVisitor +import org.objectweb.asm.MethodVisitor +import org.objectweb.asm.Opcodes +import org.objectweb.asm.Type import grails.util.BuildSettings From d1e8460ca0713af30170218e455188df47f3158c Mon Sep 17 00:00:00 2001 From: James Daugherty Date: Tue, 5 May 2026 11:13:32 -0400 Subject: [PATCH 5/5] Update ASM versions --- dependencies.gradle | 157 ++++++++++++++++--------------- grails-gradle/model/build.gradle | 5 +- 2 files changed, 83 insertions(+), 79 deletions(-) diff --git a/dependencies.gradle b/dependencies.gradle index de03f28e833..ac123683eaf 100644 --- a/dependencies.gradle +++ b/dependencies.gradle @@ -23,6 +23,7 @@ ext { gradleBomDependencyVersions = [ 'ant.version' : '1.10.15', + 'asm.version' : '9.7.1', 'asciidoctor-gradle-jvm.version': '4.0.5', 'asciidoctorj.version' : '3.0.0', 'asset-pipeline-gradle.version' : '5.0.34', @@ -50,6 +51,8 @@ ext { gradleBomDependencies = [ 'ant' : "org.apache.ant:ant:${gradleBomDependencyVersions['ant.version']}", 'ant-junit' : "org.apache.ant:ant-junit:${gradleBomDependencyVersions['ant.version']}", + 'asm' : "org.ow2.asm:asm:${gradleBomDependencyVersions['asm.version']}", + 'asm-util' : "org.ow2.asm:asm-util:${gradleBomDependencyVersions['asm.version']}", 'asciidoctor-gradle-jvm': "org.asciidoctor:asciidoctor-gradle-jvm:${gradleBomDependencyVersions['asciidoctor-gradle-jvm.version']}", 'asciidoctorj' : "org.asciidoctor:asciidoctorj:${gradleBomDependencyVersions['asciidoctorj.version']}", 'asset-pipeline-gradle' : "cloud.wondrify:asset-pipeline-gradle:${gradleBomDependencyVersions['asset-pipeline-gradle.version']}", @@ -67,10 +70,11 @@ ext { ] bomDependencyVersions = [ + 'asm.version' : '9.9.1', 'asset-pipeline-bom.version' : '5.0.34', 'bootstrap-icons.version' : '1.13.1', 'bootstrap.version' : '5.3.8', - 'commons-codec.version' : '1.18.0', + 'commons-codec.version' : '1.19.0', 'commons-compress.version' : '1.28.0', 'commons-lang3.version' : '3.20.0', 'geb-spock.version' : '8.0.1', @@ -107,87 +111,89 @@ ext { // Note: the name of the dependency must be the prefix of the property name so properties in the pom are resolved correctly bomDependencies = [ - 'bootstrap' : "org.webjars.npm:bootstrap:${bomDependencyVersions['bootstrap.version']}", - 'bootstrap-icons' : "org.webjars.npm:bootstrap-icons:${bomDependencyVersions['bootstrap-icons.version']}", - 'commons-codec' : "commons-codec:commons-codec:${bomDependencyVersions['commons-codec.version']}", - 'commons-compress' : "org.apache.commons:commons-compress:${bomDependencyVersions['commons-compress.version']}", - 'commons-lang3' : "org.apache.commons:commons-lang3:${bomDependencyVersions['commons-lang3.version']}", - 'geb-spock' : "org.apache.groovy.geb:geb-spock:${bomDependencyVersions['geb-spock.version']}", - 'h2' : "com.h2database:h2:${bomDependencyVersions['h2.version']}", + 'asm' : "org.ow2.asm:asm:${bomDependencyVersions['asm.version']}", + 'asm-util' : "org.ow2.asm:asm-util:${bomDependencyVersions['asm.version']}", + 'bootstrap' : "org.webjars.npm:bootstrap:${bomDependencyVersions['bootstrap.version']}", + 'bootstrap-icons' : "org.webjars.npm:bootstrap-icons:${bomDependencyVersions['bootstrap-icons.version']}", + 'commons-codec' : "commons-codec:commons-codec:${bomDependencyVersions['commons-codec.version']}", + 'commons-compress' : "org.apache.commons:commons-compress:${bomDependencyVersions['commons-compress.version']}", + 'commons-lang3' : "org.apache.commons:commons-lang3:${bomDependencyVersions['commons-lang3.version']}", + 'geb-spock' : "org.apache.groovy.geb:geb-spock:${bomDependencyVersions['geb-spock.version']}", + 'h2' : "com.h2database:h2:${bomDependencyVersions['h2.version']}", // start - restate the groovy-bom includes here because the spring dependency management will pick the library from spring-boot-dependencies otherwise - 'groovy' : "org.apache.groovy:groovy:${bomDependencyVersions['groovy.version']}", - 'groovy-ant' : "org.apache.groovy:groovy-ant:${bomDependencyVersions['groovy.version']}", - 'groovy-astbuilder' : "org.apache.groovy:groovy-astbuilder:${bomDependencyVersions['groovy.version']}", - 'groovy-cli-commons' : "org.apache.groovy:groovy-cli-commons:${bomDependencyVersions['groovy.version']}", - 'groovy-cli-picocli' : "org.apache.groovy:groovy-cli-picocli:${bomDependencyVersions['groovy.version']}", - 'groovy-console' : "org.apache.groovy:groovy-console:${bomDependencyVersions['groovy.version']}", - 'groovy-contracts' : "org.apache.groovy:groovy-contracts:${bomDependencyVersions['groovy.version']}", - 'groovy-datetime' : "org.apache.groovy:groovy-datetime:${bomDependencyVersions['groovy.version']}", - 'groovy-dateutil' : "org.apache.groovy:groovy-dateutil:${bomDependencyVersions['groovy.version']}", - 'groovy-docgenerator' : "org.apache.groovy:groovy-docgenerator:${bomDependencyVersions['groovy.version']}", - 'groovy-ginq' : "org.apache.groovy:groovy-ginq:${bomDependencyVersions['groovy.version']}", - 'groovy-groovydoc' : "org.apache.groovy:groovy-groovydoc:${bomDependencyVersions['groovy.version']}", - 'groovy-groovysh' : "org.apache.groovy:groovy-groovysh:${bomDependencyVersions['groovy.version']}", - 'groovy-jmx' : "org.apache.groovy:groovy-jmx:${bomDependencyVersions['groovy.version']}", - 'groovy-json' : "org.apache.groovy:groovy-json:${bomDependencyVersions['groovy.version']}", - 'groovy-jsr223' : "org.apache.groovy:groovy-jsr223:${bomDependencyVersions['groovy.version']}", - 'groovy-macro' : "org.apache.groovy:groovy-macro:${bomDependencyVersions['groovy.version']}", - 'groovy-macro-library' : "org.apache.groovy:groovy-macro-library:${bomDependencyVersions['groovy.version']}", - 'groovy-nio' : "org.apache.groovy:groovy-nio:${bomDependencyVersions['groovy.version']}", - 'groovy-servlet' : "org.apache.groovy:groovy-servlet:${bomDependencyVersions['groovy.version']}", - 'groovy-sql' : "org.apache.groovy:groovy-sql:${bomDependencyVersions['groovy.version']}", - 'groovy-swing' : "org.apache.groovy:groovy-swing:${bomDependencyVersions['groovy.version']}", - 'groovy-templates' : "org.apache.groovy:groovy-templates:${bomDependencyVersions['groovy.version']}", - 'groovy-test' : "org.apache.groovy:groovy-test:${bomDependencyVersions['groovy.version']}", - 'groovy-test-junit5' : "org.apache.groovy:groovy-test-junit5:${bomDependencyVersions['groovy.version']}", - 'groovy-testng' : "org.apache.groovy:groovy-testng:${bomDependencyVersions['groovy.version']}", - 'groovy-toml' : "org.apache.groovy:groovy-toml:${bomDependencyVersions['groovy.version']}", - 'groovy-typecheckers' : "org.apache.groovy:groovy-typecheckers:${bomDependencyVersions['groovy.version']}", - 'groovy-xml' : "org.apache.groovy:groovy-xml:${bomDependencyVersions['groovy.version']}", - 'groovy-yaml' : "org.apache.groovy:groovy-yaml:${bomDependencyVersions['groovy.version']}", + 'groovy' : "org.apache.groovy:groovy:${bomDependencyVersions['groovy.version']}", + 'groovy-ant' : "org.apache.groovy:groovy-ant:${bomDependencyVersions['groovy.version']}", + 'groovy-astbuilder' : "org.apache.groovy:groovy-astbuilder:${bomDependencyVersions['groovy.version']}", + 'groovy-cli-commons' : "org.apache.groovy:groovy-cli-commons:${bomDependencyVersions['groovy.version']}", + 'groovy-cli-picocli' : "org.apache.groovy:groovy-cli-picocli:${bomDependencyVersions['groovy.version']}", + 'groovy-console' : "org.apache.groovy:groovy-console:${bomDependencyVersions['groovy.version']}", + 'groovy-contracts' : "org.apache.groovy:groovy-contracts:${bomDependencyVersions['groovy.version']}", + 'groovy-datetime' : "org.apache.groovy:groovy-datetime:${bomDependencyVersions['groovy.version']}", + 'groovy-dateutil' : "org.apache.groovy:groovy-dateutil:${bomDependencyVersions['groovy.version']}", + 'groovy-docgenerator' : "org.apache.groovy:groovy-docgenerator:${bomDependencyVersions['groovy.version']}", + 'groovy-ginq' : "org.apache.groovy:groovy-ginq:${bomDependencyVersions['groovy.version']}", + 'groovy-groovydoc' : "org.apache.groovy:groovy-groovydoc:${bomDependencyVersions['groovy.version']}", + 'groovy-groovysh' : "org.apache.groovy:groovy-groovysh:${bomDependencyVersions['groovy.version']}", + 'groovy-jmx' : "org.apache.groovy:groovy-jmx:${bomDependencyVersions['groovy.version']}", + 'groovy-json' : "org.apache.groovy:groovy-json:${bomDependencyVersions['groovy.version']}", + 'groovy-jsr223' : "org.apache.groovy:groovy-jsr223:${bomDependencyVersions['groovy.version']}", + 'groovy-macro' : "org.apache.groovy:groovy-macro:${bomDependencyVersions['groovy.version']}", + 'groovy-macro-library' : "org.apache.groovy:groovy-macro-library:${bomDependencyVersions['groovy.version']}", + 'groovy-nio' : "org.apache.groovy:groovy-nio:${bomDependencyVersions['groovy.version']}", + 'groovy-servlet' : "org.apache.groovy:groovy-servlet:${bomDependencyVersions['groovy.version']}", + 'groovy-sql' : "org.apache.groovy:groovy-sql:${bomDependencyVersions['groovy.version']}", + 'groovy-swing' : "org.apache.groovy:groovy-swing:${bomDependencyVersions['groovy.version']}", + 'groovy-templates' : "org.apache.groovy:groovy-templates:${bomDependencyVersions['groovy.version']}", + 'groovy-test' : "org.apache.groovy:groovy-test:${bomDependencyVersions['groovy.version']}", + 'groovy-test-junit5' : "org.apache.groovy:groovy-test-junit5:${bomDependencyVersions['groovy.version']}", + 'groovy-testng' : "org.apache.groovy:groovy-testng:${bomDependencyVersions['groovy.version']}", + 'groovy-toml' : "org.apache.groovy:groovy-toml:${bomDependencyVersions['groovy.version']}", + 'groovy-typecheckers' : "org.apache.groovy:groovy-typecheckers:${bomDependencyVersions['groovy.version']}", + 'groovy-xml' : "org.apache.groovy:groovy-xml:${bomDependencyVersions['groovy.version']}", + 'groovy-yaml' : "org.apache.groovy:groovy-yaml:${bomDependencyVersions['groovy.version']}", // end - restate the groovy-bom here because the spring dependency management - 'jquery' : "org.webjars.npm:jquery:${bomDependencyVersions['jquery.version']}", + 'jquery' : "org.webjars.npm:jquery:${bomDependencyVersions['jquery.version']}", // start - boot & selenium conflict, so pin the version we want (newest) - 'jakarta-servlet-api' : "jakarta.servlet:jakarta.servlet-api:${bomDependencyVersions['jakarta-servlet-api.version']}", - 'jakarta-validation-api' : "jakarta.validation:jakarta.validation-api:${bomDependencyVersions['jakarta-validation-api.version']}", + 'jakarta-servlet-api' : "jakarta.servlet:jakarta.servlet-api:${bomDependencyVersions['jakarta-servlet-api.version']}", + 'jakarta-validation-api' : "jakarta.validation:jakarta.validation-api:${bomDependencyVersions['jakarta-validation-api.version']}", // end - boot & selenium conflict, so pin the version we want (newest) // start - boot & spock conflict, so pin the version we want (newest) - 'junit-jupiter' : "org.junit.jupiter:junit-jupiter:${bomDependencyVersions['junit.version']}", - 'junit-jupiter-api' : "org.junit.jupiter:junit-jupiter-api:${bomDependencyVersions['junit.version']}", - 'junit-jupiter-engine' : "org.junit.jupiter:junit-jupiter-engine:${bomDependencyVersions['junit.version']}", - 'junit-jupiter-params' : "org.junit.jupiter:junit-jupiter-params:${bomDependencyVersions['junit.version']}", - 'junit-platform-commons' : "org.junit.platform:junit-platform-commons:${bomDependencyVersions['junit-platform.version']}", - 'junit-platform-engine' : "org.junit.platform:junit-platform-engine:${bomDependencyVersions['junit-platform.version']}", - 'junit-platform-launcher' : "org.junit.platform:junit-platform-launcher:${bomDependencyVersions['junit-platform.version']}", - 'junit-platform-runner' : "org.junit.platform:junit-platform-runner:${bomDependencyVersions['junit-platform.version']}", - 'junit-platform-suite' : "org.junit.platform:junit-platform-suite:${bomDependencyVersions['junit-platform.version']}", - 'junit-platform-suite-api' : "org.junit.platform:junit-platform-suite-api:${bomDependencyVersions['junit-platform.version']}", - 'junit-platform-suite-commons': "org.junit.platform:junit-platform-suite-commons:${bomDependencyVersions['junit-platform.version']}", - 'junit-platform-suite-engine' : "org.junit.platform:junit-platform-suite-engine:${bomDependencyVersions['junit-platform.version']}", + 'junit-jupiter' : "org.junit.jupiter:junit-jupiter:${bomDependencyVersions['junit.version']}", + 'junit-jupiter-api' : "org.junit.jupiter:junit-jupiter-api:${bomDependencyVersions['junit.version']}", + 'junit-jupiter-engine' : "org.junit.jupiter:junit-jupiter-engine:${bomDependencyVersions['junit.version']}", + 'junit-jupiter-params' : "org.junit.jupiter:junit-jupiter-params:${bomDependencyVersions['junit.version']}", + 'junit-platform-commons' : "org.junit.platform:junit-platform-commons:${bomDependencyVersions['junit-platform.version']}", + 'junit-platform-engine' : "org.junit.platform:junit-platform-engine:${bomDependencyVersions['junit-platform.version']}", + 'junit-platform-launcher' : "org.junit.platform:junit-platform-launcher:${bomDependencyVersions['junit-platform.version']}", + 'junit-platform-runner' : "org.junit.platform:junit-platform-runner:${bomDependencyVersions['junit-platform.version']}", + 'junit-platform-suite' : "org.junit.platform:junit-platform-suite:${bomDependencyVersions['junit-platform.version']}", + 'junit-platform-suite-api' : "org.junit.platform:junit-platform-suite-api:${bomDependencyVersions['junit-platform.version']}", + 'junit-platform-suite-commons' : "org.junit.platform:junit-platform-suite-commons:${bomDependencyVersions['junit-platform.version']}", + 'junit-platform-suite-engine' : "org.junit.platform:junit-platform-suite-engine:${bomDependencyVersions['junit-platform.version']}", // end - boot & spock conflict, so pin the version we want (newest) - 'hibernate-groovy-proxy' : "org.yakworks:hibernate-groovy-proxy:${bomDependencyVersions['hibernate-groovy-proxy.version']}", - 'mongodb-bson' : "org.mongodb:bson:${bomDependencyVersions['mongodb.version']}", - 'mongodb-driver-core' : "org.mongodb:mongodb-driver-core:${bomDependencyVersions['mongodb.version']}", - 'mongodb-driver-sync' : "org.mongodb:mongodb-driver-sync:${bomDependencyVersions['mongodb.version']}", - 'mongodb-record-codec' : "org.mongodb:bson-record-codec:${bomDependencyVersions['mongodb.version']}", + 'hibernate-groovy-proxy' : "org.yakworks:hibernate-groovy-proxy:${bomDependencyVersions['hibernate-groovy-proxy.version']}", + 'mongodb-bson' : "org.mongodb:bson:${bomDependencyVersions['mongodb.version']}", + 'mongodb-driver-core' : "org.mongodb:mongodb-driver-core:${bomDependencyVersions['mongodb.version']}", + 'mongodb-driver-sync' : "org.mongodb:mongodb-driver-sync:${bomDependencyVersions['mongodb.version']}", + 'mongodb-record-codec' : "org.mongodb:bson-record-codec:${bomDependencyVersions['mongodb.version']}", // start - pin opentelemetry to prevent bom conflicts - 'opentelemetry-api' : "io.opentelemetry:opentelemetry-api:${bomDependencyVersions['opentelemetry.version']}", - 'opentelemetry-context' : "io.opentelemetry:opentelemetry-context:${bomDependencyVersions['opentelemetry.version']}", - 'opentelemetry-exporter-logging' : "io.opentelemetry:opentelemetry-exporter-logging:${bomDependencyVersions['opentelemetry.version']}", - 'opentelemetry-sdk' : "io.opentelemetry:opentelemetry-sdk:${bomDependencyVersions['opentelemetry.version']}", - 'opentelemetry-sdk-common' : "io.opentelemetry:opentelemetry-sdk-common:${bomDependencyVersions['opentelemetry.version']}", - 'opentelemetry-sdk-trace' : "io.opentelemetry:opentelemetry-sdk-trace:${bomDependencyVersions['opentelemetry.version']}", - 'opentelemetry-sdk-metrics' : "io.opentelemetry:opentelemetry-sdk-metrics:${bomDependencyVersions['opentelemetry.version']}", - 'opentelemetry-sdk-logs' : "io.opentelemetry:opentelemetry-sdk-logs:${bomDependencyVersions['opentelemetry.version']}", - 'opentelemetry-sdk-extension-autoconfigure-spi' : "io.opentelemetry:opentelemetry-sdk-extension-autoconfigure-spi:${bomDependencyVersions['opentelemetry.version']}", - 'opentelemetry-sdk-extension-autoconfigure' : "io.opentelemetry:opentelemetry-sdk-extension-autoconfigure:${bomDependencyVersions['opentelemetry.version']}", + 'opentelemetry-api' : "io.opentelemetry:opentelemetry-api:${bomDependencyVersions['opentelemetry.version']}", + 'opentelemetry-context' : "io.opentelemetry:opentelemetry-context:${bomDependencyVersions['opentelemetry.version']}", + 'opentelemetry-exporter-logging' : "io.opentelemetry:opentelemetry-exporter-logging:${bomDependencyVersions['opentelemetry.version']}", + 'opentelemetry-sdk' : "io.opentelemetry:opentelemetry-sdk:${bomDependencyVersions['opentelemetry.version']}", + 'opentelemetry-sdk-common' : "io.opentelemetry:opentelemetry-sdk-common:${bomDependencyVersions['opentelemetry.version']}", + 'opentelemetry-sdk-trace' : "io.opentelemetry:opentelemetry-sdk-trace:${bomDependencyVersions['opentelemetry.version']}", + 'opentelemetry-sdk-metrics' : "io.opentelemetry:opentelemetry-sdk-metrics:${bomDependencyVersions['opentelemetry.version']}", + 'opentelemetry-sdk-logs' : "io.opentelemetry:opentelemetry-sdk-logs:${bomDependencyVersions['opentelemetry.version']}", + 'opentelemetry-sdk-extension-autoconfigure-spi': "io.opentelemetry:opentelemetry-sdk-extension-autoconfigure-spi:${bomDependencyVersions['opentelemetry.version']}", + 'opentelemetry-sdk-extension-autoconfigure' : "io.opentelemetry:opentelemetry-sdk-extension-autoconfigure:${bomDependencyVersions['opentelemetry.version']}", // end - pin opentelemetry to prevent bom conflicts - 'plexus-utils' : "org.codehaus.plexus:plexus-utils:${bomDependencyVersions['plexus-utils.version']}", - 'rxjava' : "io.reactivex:rxjava:${bomDependencyVersions['rxjava.version']}", - 'rxjava2' : "io.reactivex.rxjava2:rxjava:${bomDependencyVersions['rxjava2.version']}", - 'rxjava3' : "io.reactivex.rxjava3:rxjava:${bomDependencyVersions['rxjava3.version']}", - 'sitemesh' : "opensymphony:sitemesh:${bomDependencyVersions['sitemesh.version']}", - 'starter-sitemesh' : "org.sitemesh:spring-boot-starter-sitemesh:${bomDependencyVersions['starter-sitemesh.version']}", + 'plexus-utils' : "org.codehaus.plexus:plexus-utils:${bomDependencyVersions['plexus-utils.version']}", + 'rxjava' : "io.reactivex:rxjava:${bomDependencyVersions['rxjava.version']}", + 'rxjava2' : "io.reactivex.rxjava2:rxjava:${bomDependencyVersions['rxjava2.version']}", + 'rxjava3' : "io.reactivex.rxjava3:rxjava:${bomDependencyVersions['rxjava3.version']}", + 'sitemesh' : "opensymphony:sitemesh:${bomDependencyVersions['sitemesh.version']}", + 'starter-sitemesh' : "org.sitemesh:spring-boot-starter-sitemesh:${bomDependencyVersions['starter-sitemesh.version']}", ] // Because pom exclusions aren't properly supported by gradle, we can't inherit the grails-gradle-bom @@ -225,14 +231,11 @@ ext { else if (project.name == 'grails-micronaut-bom') { customBomVersions = [ 'javaparser-core.version': '3.27.0', // micronaut requires 3.27, groovy 4 ships with 3.28 but is compatible with 3.27 - 'asm.version' : '9.9.1', 'guava.version' : '33.5.0-jre', ] combinedVersions += customBomVersions customBomDependencies = [ 'javaparser-core': "com.github.javaparser:javaparser-core:${combinedVersions['javaparser-core.version']}", - 'asm' : "org.ow2.asm:asm:${combinedVersions['asm.version']}", - 'asm-util' : "org.ow2.asm:asm-util:${combinedVersions['asm.version']}", 'guava' : "com.google.guava:guava:${combinedVersions['guava.version']}", ] combinedDependencies += customBomDependencies diff --git a/grails-gradle/model/build.gradle b/grails-gradle/model/build.gradle index 30885312616..de0741a3354 100644 --- a/grails-gradle/model/build.gradle +++ b/grails-gradle/model/build.gradle @@ -48,8 +48,9 @@ dependencies { compileOnly 'org.codehaus.groovy:groovy' compileOnly 'org.codehaus.groovy:groovy-xml' - // Use explicit ASM instead of groovyjarjarasm to support Java 17+ class files (major version 61+) - implementation 'org.ow2.asm:asm' + // Use explicit ASM instead of groovyjarjarasm to support Java 17+ class files (major version 61+). + // api scope is required so Groovy's type checker can resolve ASM references when compiling dependents. + api 'org.ow2.asm:asm' testImplementation 'org.codehaus.groovy:groovy-test-junit5' testImplementation 'org.junit.jupiter:junit-jupiter-api'